Plan against data gaps for the IT organization
A plan against a data breach, which is equally flexible, should include these key points:
Start with a risk assessment.
CEOs and their executive colleagues, should be able to identify the most critical business functions, and then prioritize which systems are recovered and restored first.
Set Thresholds
The impact breach are different for each system, which is why thresholds are set for each problem, some data breaches can only cause minimal interruptions, while others can spoil the entire system. A plan against these breachs must be related to the corresponding security levels.
Planear la intervención
The IT team determines which systems are affected by a breach, the impact, the scope and which is the most crucial to receive immediate attention for data protection and for how long.
Flexibility
Plans against data breaches must be modular and granular at the same time. The experts said, with this we can guarantee control over the privacy of our company's data.
Identify which person will be responsable
You should have a list of people in charge of each specific function, along with your personal information and the name of a forensic signature (preferably a checkpoint, to guarantee a timely response and possibly one or two backup signatures).
Legal requirements
Detail when and how to integrate the executive crisis management team into the loop, so that the appropriate legal and regulatory requirements in relation to data breaches are met, and the company's public relations people can adequately assist in informing for the clients and consumers.
Establish alternative systems.
Alternative systems are very useful, with these systems you can easily go back to manual processes so as not to lose the important information or alter IT times. The IT team will be responsible for finding out these alternatives.
Simulations Tests
The execution of simulations based on specific problems of information gaps, are highly functional since they prevent the IT team from possible attacks and in this way it can be determined if there is any external help to execute the plan against the information gaps. We recommended to run simulations periodically.
These simple steps will help us to contain the information gaps more effectively in our IT systems, we recommend you follow them and consult a specialist to obtain more detailing information.
