Chapter 9. Closure


An incident can be closed upon the completion of the investigation, the issuance of external notifications if warranted, and the implementation of all suitable security remediation measures. This phase provides closure for the incident by taking action against its cause and learning from it to improve current processes and procedures. The successful close of a data security incident involves several steps:

Get Managing Catastrophic Loss of Sensitive Data now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.