In this era of escalating data breaches, many firms are working hard to prevent breach incidents. Notably, organizations of different sizes and industries have become more aware of data breach threats (Kadam, 2007). Companies have therefore taken proactive steps to formulate data incident response policies and teams, and have mobilized stakeholders and resources in readiness to mitigate a data breach. A data incident response policy comprises procedures and plans for information security. There is also a critical component to consider when creating a data incident response policy. Incident policy serves the following objectives;
The Data Incident Response Team (DIRT) plays an integral role, from the formulation of the breach policy to the implementation of the plan when an incident has occurred. Incident teams differ in the exact role they play and in their organizational structure, and the responsible department considers several factors before selecting a group. Ideally, a data incident response team should comprise a technical team, managers and team members. Individuals or teams within the incident response team should be assigned different tasks, including documenting and distributing the incident response. An incident team should access data, conduct thorough surveillance, and analyze information security alerts.
Incident response teams should carry out baseline services and any additional activity that adds value to incident response. The teams' functions can be categorized as proactive, reactive, and information security improvement. Adequate funding of the team and good management ensure that an organization acquires business intelligence and is protected from risks.
The increase in cyber-crime incidents has led various institutions to create policies and laws to prevent the destructive effects of breaches. The incident plan identifies the individuals responsible for the various response activities, which helps to instill order among the teams. The policy also specifies the steps to be taken regarding the people responsible for the breach.
Kadam, A. (2007). Information Security Policy Development and Implementation. Information Systems Security, 16(5), 246-256. doi: 10.1080/10658980701744861