It’s data breach day – in a good way! Let’s face it, data breaches happen to many organizations out there and, chances are, most organizations will be hit with one at some point. So, how prepared is your organization for a potential data breach incident and how to recover from one? This guide from Gartner provides some terrific recommendations for midsize enterprise CIOs that could also be applicable for an organization of any size.
Gartner’s Data Breach Preparedness for the Midsize Enterprise CIO provides an overview of data breach impacts and highlights recommendations for midsize enterprise CIOs to ensure they have practical plans to remediate and recover from a data breach. The report includes impacts and recommendations for midsized CIOs to address the impacts to help avoid data breaches and minimize the impact if your organization is hit with one. The report includes:
- Four recommendations for midsize CIOs who are responsible for security responses
- Thirteen key components of an incident response plan
- What a breach management and breach communications team might look like in terms of participating departments and involvement (management, communications or both)
- Characteristics of popular cybersecurity frameworks, including Security Controls, Security Management Program (SMP) and IT Governance frameworks.
The report is available for download for FREE here, courtesy of eDiscovery Today Educational Partner HaystackID!
So, what do you think? Does your organization have an incident response plan and a breach recovery plan? If not, check out the report from Gartner! And, as always, please share any comments you might have or if you’d like to know more about a particular topic.
Disclosure: HaystackID is an Educational Partner and sponsor of eDiscovery Today
Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.