In this video, Mandy Huth explores incident response requirements under GDPR. Investigate the objectives of incident response, how to prepare for an incident, and how using a forensics analyst can help.
- [Instructor] One component of GDPR's notification requirements is the ability to identify root cause and to propose mitigation. Incident response can accomplish this task for an organization. Incident response is a standardized protocol for identifying and mitigating a data breach. Many organizations will have an incident response team. The information security team most often controls the protocol and coordinates these efforts among the team. There are four primary objectives of incident response.
The first is to minimize customer impact in case their data is lost. Next is to reduce any financial loss to the business. This can include data loss or the cost of mitigating the breach. Ensuring compliance and avoiding regulatory penalties is quite important as well, especially given the stout fines outlined in GDPR. Finally, making a strategic adjustment to one's security posture is important. An organization can do this by ensuring future breaches of a similar nature are minimized or avoided.
There are many ways an organization can be prepared before an incident. The most important is employee awareness. Ensuring employees know what to do and who to contact will give organizations the best readiness posture. Also, knowing who is in charge, the incident commander, will help remove any confusion around roles and responsibilities. The incident commander will run the response plan and coordinate the different departments required for the incident. In addition to internal resources, having an external forensics analyst can help provide a neutral basis for incident response.
Forensics companies can often be held on retainer. Further, if they are provided detailed information, they can be brought in hot with a comprehensive understanding of an organization's ecosystem. A forensics team knows how to respond to an incident, starting with preserving evidence, chain of command procedures, and strong root cause analysis. They are also often armed with technical and automated tools to seek out and find patient zero. Their participation and outcomes can show strong diligence by the impacted organizations to the supervising authority.
Incident response and strong forensic investigation will ensure an organization has appropriately identified and mitigated personal data breaches.
DISCLAIMER: Neither LinkedIn nor the instructor represents you, and they are not giving legal advice. The information conveyed through this course is not intended to give legal advice, but instead to communicate information to help viewers understand the basics of the topic presented. Certain concepts may not apply in all countries. The views (and legal interpretations) presented in this course do not necessarily represent the views of LinkedIn or Lynda.com.
- Define the objectives of GDPR relating to the personal privacy of citizens.
- Determine the responsibilities of data protection officers under GDPR.
- Identify the rights of citizens in the event of a data breach.
- Review the steps that must be taken in the event of a data breach.
- Describe the notification process in the event of a data breach.