Effective incident response communications require collaboration from: IT, Legal, PR, and HR \u2013 groups that often speak \u201cdifferent languages.\u201d<\/span><\/li>\n<\/ul>\n<\/span><\/p>\nRecommendations<\/strong><\/h2>\nKey Points<\/strong><\/em><\/h3>\n\n- There\u2019s no such thing as successful<\/em> incident response communications; strive instead for effective<\/em> communications. There will always be some fallout after a security incident, but it can be effectively mitigated through honesty, transparency, and accountability.<\/span><\/span><\/span><\/span><\/span><\/span><\/li>\n
- Effective external communications begin with effective internal communications. Security Incident Response Team members come from departments that don\u2019t usually work closely with each other. This means they often have different ways of thinking and speaking about issues. Be sure they are familiar with each other before a crisis occurs.<\/span><\/span><\/span><\/span><\/span><\/li>\n
- You won\u2019t save face by withholding embarrassing details. Lying only makes a bad situation worse, but coming clean and acknowledging shortcomings (and how you\u2019ve fixed them) can go a long way towards restoring stakeholders\u2019 trust.<\/span><\/li>\n<\/ul>\n
<\/span><\/p>\nApproach<\/strong><\/em><\/h3>\n\n- Effective and efficient management of security incidents involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities: communications must be integrated into each of these phases.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/li>\n
- Understand that prior planning helps to take the guesswork out of incident response communications. By preparing for several different types of security incidents, the communications team will get used to working with each other, as well as learning what strategies are and are not effective. Remember, the communications team contains diverse members from various departments, and each may have different ideas about what information is important to release.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/li>\n<\/ul>\n
Methodology and Tools<\/strong><\/h2>\nExecutive Brief<\/strong><\/h3>\nRead the concise Executive Brief to find out why you should implement a security incident response communications plan and review the methodology.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n\n- Master Your Security Incident Response Communications Program \u2013 Executive Brief<\/span><\/span><\/span><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n
- Master Your Security Incident Response Communications Program \u2013 Phases 1-2<\/span><\/span><\/span><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n<\/ul>\n
1. Dive into communications planning<\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/h3>\nThis phase addresses the benefits and challenges of incident response communications and offers advice on how to assemble a communications team and develop a threat escalation protocol.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n\n- Master Your Security Incident Response Communications Program \u2013 Phase 1: Dive into Communications Planning<\/span><\/span><\/span><\/strong><\/span><\/span><\/span><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n
- Security Incident Management Plan<\/span><\/span><\/span><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n<\/ul>\n
2. Develop your communications plan<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/h3>\nThis phase focuses on creating an internal and external communications plan, managing incident fallout, and conducting a post-incident review.<\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/p>\n\n- Master Your Security Incident Response Communications Program \u2013 Phase 2: Develop Your Communications Plan<\/span><\/span><\/span><\/strong><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n
- Security Incident Response Interdepartmental Communications Template<\/span><\/span><\/span><\/strong><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n
- Security Incident Communications Policy Template<\/span><\/span><\/span><\/strong><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n
- Security Incident Communications Guidelines and Templates<\/span><\/span><\/span><\/strong><\/strong><\/span><\/span><\/span><\/span><\/span><\/span><\/strong><\/span><\/li>\n