Breach Response: Initiate Forensic Probe Steps Organizations Take in Response to a Breach
Getting forensics help should be one of the first steps an organization takes after a breach occurs, says IT security and privacy lawyer Miriam Wugmeister."Before you can figure out whether or not you have to notice, and what the law requires, you have to figure out if there has been a breach and what might have occurred in the context of a breach," Wugmeister says in an interview with Information Security Media Group .

"Often, the first thing companies do is hire forensics organizations, which come in and help companies figure out what has been breached, what data has been accessed, has any data been acquired, how do they plug the hole. Those things are really important to happen first."

In the interview, Wugmeister addresses:

  • Key steps organizations must take to assure their breach investigation and resolution activities go smoothly.
  • Obligations breached organizations have with law enforcement, regulators and customers.
  • Potential pitfalls organizations face in their breach response.

Wugmeister chairs the global privacy and data security group at Morrison Foerster, an international law firm, counseling clients regarding the collection, use, disclosure and transfer of personal information as organizations seek to comply with U.S. and international data protection laws. She earned a bachelor of science degree from Brandeis University and a law degree from Boston University School of Law.

Around the Network