Breach recovery requires operational policies and procedures that:
- detect and locate the breach;
- assess the damage;
- mitigate further harm; and
- notify individuals and government entities appropriately.
It is critical to have a clear understanding of the breach details so that the damage can be addressed and the infrastructure can be protected going forward.
As part of the breach recovery process, you need to:
- assess and investigate the breach entry points;
- determine the technical, physical or administrative corrections;
- implement corrective action plans;
- run environmental scans;
- patch vulnerabilities; and
- fortify your security controls to prevent a recurrence.
Here’s Your Next Step…