Introduce the concept of incident notification by explaining that a key element of any response plan is to define who to notify and who not to notify in the event of a computer security incident. Review the questions that should be addressed when developing an incident notification process.
- Within the company, who needs to be notified, and what information does each person need to have?
- Under what conditions should the company contact major customers and suppliers?
- How does the company inform them of disruption in business without unnecessarily alarming them?
- When should local authorities or the FBI be contacted?
Sample Solution