Introduction

In this era of escalating data breach, several firms are working extremely hard to prevent data breach cases. Notably, organizations from different sizes and industries have become more aware of data breach threats (Kadam, 2007). Therefore, companies have taken pro-active steps to formulate data incident response policy and teams. Organizations have mobilized stakeholders and resources in readiness to mitigating data breach experience. Data incident response policy comprises of procedures and plans for information security. Again there exists a critical component considered when creating data incident response policy. Incident policy serves the following objectives;

1. Unravel the cause of an incident
2. Identify and document procedures for incident mitigation in an organization
3. Facilitate quick recovery of primary systems.
4. Ensure the various teams well coordinate an incident.
5. Create measures to prevent a future breach

Data Incident Response Team (DIRT) plays an integral role right from the formulation of breach policy to implementation of the plan when an incident has occurred. Incident teams differ in the exact role they play and organizational structure, furthermore the department responsible considers some factors before selecting a group. Ideally, data incident response team should comprise of a technical team, managers and team members. Individuals or teams in the incident response team should be assigned different tasks including documenting and distributing incident response. An incident team should access data and conduct thorough surveillance and analyze information security alerts.

Response

Incident response teams should carry out baseline services and any additional activity that adds value to incident response. The teams’ functions can be categorized into proactive, reactive and information security improvement. Adequate funding of the team and good management ensures that an organization acquired business intelligence and protected from risks.

Response

The increased cyber-crime incidents have led to the creation of policies and laws by various institutions to prevent the destructive effects of the breach. The incident plan identifies individuals responsible for multiple response activities, and this helps to instill order among the teams. The policy also specifies steps taken to people responsible for the breach.

Reference

Kadam, A. (2007). Information Security Policy Development and Implementation. Information Systems Security, 16(5), 246-256. doi: 10.1080/10658980701744861