Incident Management Strategies: Addressing Death, Taxes, and Data Breaches

Sep 29, 2023

In today’s digital age, three things are impossible to avoid: death, taxes, and data breaches. Organizations face the complexities of incident management strategies daily, and addressing these three certainties remains a key operational imperative.

Incident Management Strategies

On that note, in the webinar Death, Taxes, and Data Breaches, Kelvin Dickenson, SAI360’s Senior Vice President and General Manager of GRC, Greg Sikes, Vice President of Product at RadarFirst, and Doug Kruger, Vice President of Strategic Accounts at RadarFirst, discuss which compliance and incident response strategies can safeguard organizations.

Below we highlight three key takeaways from their discussion on the importance of smart preparation.

Responding to Death: Get to Work

“Death is not the opposite of life, but a part of it.” – Haruki Murakami

Much like the certainty of death, incidents in the digital realm are inevitable. The key lies in how organizations proactively respond to them.

Contrary to popular belief, not all breaches grab headlines. Many breaches are more like day-to-day operational mishaps, often stemming from human error.

These unauthorized disclosures—while perhaps seemingly minor at first glance—can accumulate, posing significant challenges for organizations. This, of course, is especially true for those organizations still tethered to manual processes.

In terms of what’s next, it is critical to gather and assess key information promptly to determine the nature of a breach. Factors such as the data disclosed, the number of people involved, and their locations play a crucial role in shaping the response and the corresponding outcome.

Understanding third-party obligations and fostering team collaboration across departments ensures a comprehensive and efficient response.

Responding to Taxes: Understand the “So What”

“Taxes are the price we pay for a civilized society.” — Justice Oliver Wendell Holmes Jr.

Just as taxes entail a complex labyrinth of rules and deadlines, so does incident management.

When it comes to breach repercussions, understanding the “so what” is paramount.

Organizations face immense pressure. Missed deadlines or over-notifications, for instance, can tarnish brand reputation and erode customer trust.

Interestingly, when organizations try to do the right thing and adopt platforms to better manage these incidents, they often notice a surge in reported incidents. This happens not necessarily because incidents have increased, but because incidents are just now being captured more effectively.

This brings new challenges. For example, now even handling a small volume can be daunting—especially for those new to the process.

Further complicating matters is that amidst a myriad of regulations, standards, and jurisdictional laws, businesses face the daunting task of staying compliant.

Advanced technology solutions offer a way out. These tools can automate processes, ensuring that businesses can remain compliant while also being efficient.

Responding to Data Breaches: Trust is the New Currency

“Data is a precious thing and will last longer than the systems themselves.” – Tim Berners-Lee

Much like students showcasing their methods in a math class, organizations must transparently present their processes to regulators. But doing so is not just about getting to the right answer. It is about how you landed at that answer. Consistency, documentation, and auditability remain crucial.

In the world of incident management, time is of the essence. Manual processes, while perhaps familiar processes for so many organizations are merely time-consuming and error-prone.

There is a dire and urgent need for different kinds of systems—ones that offer checks and balances, allowing trends to be tracked and controls to be implemented. An integrated system—one that dovetails with other facets of an organization’s risk and compliance program—is not just beneficial—it’s essential.

Approach the incident management cycle by ensuring you have a clear process for triaging, reviewing, and managing incidents. The ability to integrate with other tools, ensuring seamless collaboration, is the way forward.

Final Thoughts

Death, taxes, and data breaches are all certainties. Yet, being prepared and having the right tools and strategies in place can help organizations navigate these challenges with confidence and resilience.