Menu

Data Privacy Group

Cyber Security, Privacy, Compliance, Training, Staffing, and Internal Auditing

IRT - Instant Response & Ready in an Instant

Our Incident Response Team is not a reaction to a Breach; it is a well thought out plan that we have developed with your team in advance of the incident occurring.  As part of our Incident Plan, the following will kick into action as soon as you engage us.

 

Phase I / First 24 Hours

  • Your Internal/External Response Team will be assembled
  • Our Network Integrity Experts will test your equipment, IDS/IPS, Firewall, Software and make immediate changes to your infrastructure to halt future exposure
  • Working with your team, we will assist in updating credentials and passwords to regain control of your infrastructure
  • Implement BDR strategies to continue operations

Phase II / Guage Your Legal Exposure

  • Determine which types of information was compromised
  • Determine which jurisdictions you are subject to
  • Determine your vendor/clients exposure
  • Determine your requirement for notification in consultation with Legal Counsel
  • Health Information requires additional considerations including positive notification of individuals, HHS and in some cases media

Phase III / Notification

  • Engage a Legal and PR Firm
  • Notify Convening Legal Authority
  • Notify Data Protection Authority when dealing with GDPR related breaches
  • Consult with Law Enforcement
  • Designate EXACTLY ONE person within your organization to release information to all public media and/or public authorities.
  • When necessary, engage a call center to handle incoming calls relating to the breach or for positive notification required by regulations of specific laws
  • Consider credit monitoring or other remedial remedies for customers.

Phase IV / Wrap-Up Start Over

  • Document all steps were taken during Incident Response
  • Conduct GAP Analysis, learn from mistakes and prepare new Incident Response Plan