NIST compliance is a key strategy for managing security risks and protecting sensitive data—especially for organizations working with the government or bidding for defense contracts.
It’s critical to have the right people with the right skills, along with associated tribal knowledge. Appoint a team leader who will have overall responsibility for responding to the incident. This person should have a direct line of communication with management so that important decisions—such as taking key systems offline if necessary—can be made quickly.
The IR team you’ve assembled should first work to identify the cause of the breach, and then ensure that it’s contained
Once you’ve detected an incident and its source, you need to contain the damage. This may involve disabling network access for computers known to be infected by viruses or other malware (so they can be quarantined) and installing security patches to resolve malware issues or network vulnerabilities. You may also need to reset passwords for users with accounts that were breached, or block accounts of insiders that may have caused the incident
Look at the cause of the incident. In cases where there was a successful external attacker or malicious insider, consider the event as more severe and respond accordingly.
A data breach is a security incident in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized person. Privacy laws such as GDPR and California’s CCPA require public notification in the event of such a data breach. Notify affected parties so they can protect themselves from identity theft or other fallout from the disclosure of confidential personal or financial data
Utilize tools to remember every IT asset running in your development and its related cybersecurity vulnerabilities
Take necessary security steps, like protecting logins with multi-factor authentication and training staff to prevent phishing attempts.
Subscribe to get your copy of checklist etc