Data Breach War Room / Breach Preparation

Excited to be joining a distinguished group of lawyers to present a highly-interactive workshop called “Data Breach War Room / Breach Preparation” at iTechLaw’s 2016 World Technology Conference in Miami.

As readers of this blog know, I often write about planning for a breach. One key element of planning is practice: testing your plan.  You can test a plan in different ways, including under the real pressure of an actual incident (a bad idea), through a table-top exercise and by the use of routine scenario testing hypothetical.  Real world testing is bad for obvious reasons: you may find yourself without a workable plan at all.  Table-top exercises involve a formal, sit-down and walk-through*  where your plans are pressure-tested against an evolving (fictitious) scenario.  In the best case, all of the “actual” players are there and the scenario is spun by an outsider with little connection to the politics of the organization. Routine scenario testing involves building a cultural norm of asking “what if” questions — and answering them within the framework of your plan.

Regardless of how your plan is tested, it is essential that your plan have a feedback mechanism to receive, record and consider the honest results of the test.

 

*- I say “walk-through” because it is essential that folks not only drill on the plan, but that they know the physical spaces they are using to execute the plan.  Perhaps your “war room” needs to have a non-VOIP phone.  …or be larger…or be closer to the CEO’s office…or closer to a bathroom.  It is often quite interesting to see what comes to light when you actually move through the spaces you plan to use!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s