Once a breach has been definitively established, which task should be prioritized next?
Once a breach has been definitively established, which task should be prioritized next?
Once a breach has been definitively established, the immediate priority is to determine what was responsible for the breach and neutralize the threat. This step ensures that any ongoing vulnerabilities are addressed, and further damage is prevented. Identifying and neutralizing the threat is crucial before involving law enforcement, notifying affected parties, or implementing remedial measures, as these actions typically follow the containment of the breach.
IAPP Book, Section 7.4, second step. Forward looking changes are in the fourth step.
Common sense
B, indeed
its B. Determining what was responsible for the breach and neutralizing the threat