PART 3 – A SAMPLE TREATMENT PROCESS

CHAPTER 10: A SAMPLE TREATMENT PROCESS

In this part, we will present a treatment process for dealing with a breach. This process is intended for larger companies.

It comprises the major steps below.

1  Gather information

2  Determine extent and damage

3  Establish and conduct investigation

4  Determine mitigation (in parallel with Step 3)

5  Implement mitigation

6  Follow up on investigation results

7  Determine degree of resolution achieved

Now let us look at these steps in detail.

Step 1 Gather information

This is the initial step. We assume that you have just been made aware of the fact that something might be wrong.

You will spend the next hours or days determining precisely what this ‘something’ is. For ...

Get Managing Information Security: Studies from real life now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.