This preview shows page 1. Sign up to view the full content.
Unformatted text preview: hould also be closely linked to the company’s security training
and awareness program to ensure that these types of mishaps do not take place. Past
issues that the incident recovery team encountered can be used in future training sessions to help others learn what the company is faced with and how to improve response
Employees need to know how to report an incident. Therefore, the incident response policy should detail an escalation process so that employees understand when
evidence of a crime should be reported to higher management, outside agencies, or law
enforcement. The process must be centralized, easy to accomplish (or the employees
won’t bother), convenient, and welcomed. Some employees feel reluctant to report
incidents because they are afraid they will get pulled into something they do not want
to be involved with or accused of something they did not do. There is nothing like trying to do the right thing and getting hit with a big stick. Employees should feel comfortable about the process, and not feel intimidated by reporting suspicious activities.
The incident response policy should also dictate how employees should interact
with external entities, such as the media, government, and law enforcement. This, in
particular, is a complicated issue influenced by jurisdiction, the status and nature of the
crime, and the nature of the evidence. Jurisdiction alone, for example, depends on the
country, state, or federal agency that has control. Given the sensitive nature of public
disclosure, communications should be handled by communications, human resources,
or other appropriately trained individuals who are authorized to publicly discuss incidents. Public disclosure of an event can lead to two possible outcomes. If not handled
correctly, it can compound the negative impact of an incident. For example, given today’s information-driven society, denial and “no comment” may result in a backlash.
On the other hand, if public disclosure is handled well, it can provide the organization
with an opportunity to win back public trust. Some countries and jurisdictions either
already have or are contemplating...
View Full Document
This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.
- Fall '12