Welcome!

Blog Feed Post

Who Handles the Call?

In today’s integrated digital economy, the IT infrastructures at most corporations can no longer exist in silos. The overwhelming benefit of integration is the rapid development of new ideas and solutions. The unfortunate downside is that increased integration and connectivity also places our respective organizations at risk for cyber attacks, computer viruses, and infrastructure problems which affect us and the users we serve.

It is imperative that organizations invest in measures to secure their systems and safeguard their data and that of their customers. Organizations must also have a well-defined incident response plan in place before something happens. The hours following the detection of a breach or other customer-impacting incident shouldn’t include wasting time finding a person to head up a response team and determine who needs to be involved. What is needed is a comprehensive incident response plan, developed ahead of time as a holistic response, involving all key aspects of the company’s leadership.

How Comprehensive Does Your Team Need to Be?

https://www.pagerduty.com/wp-content/uploads/2017/04/whohandlesthecall-1... 150w, https://www.pagerduty.com/wp-content/uploads/2017/04/whohandlesthecall-2... 247w, https://www.pagerduty.com/wp-content/uploads/2017/04/whohandlesthecall-1... 178w, https://www.pagerduty.com/wp-content/uploads/2017/04/whohandlesthecall.png 813w" sizes="(max-width: 385px) 100vw, 385px" />When putting together an incident response team, it should obviously include representatives from IT Infrastructure, Development, and Quality Assurance. But there are a number of other functions which should be represented as well:

  • Company Leadership
  • Public Relations
  • Legal
  • Human Resources
  • Customer Service
  • Risk Management

An incident response team should be responsible for overseeing and directing an organization’s response to an incident, but they should also be tasked with reducing risk and preventing incidents before they happen. Formation of the team should focus first on developing an appropriate response plan, and then move toward implementing measures to prevent incidents from happening. Let’s look at each function to determine why and how different departments should be involved in preventing and responding to incidents.

Company Leadership

Buy-in from company leadership at the very highest levels is essential to the creation and successful operation of an incident response team. Buy-in will allow for proper support and ensure alignment with the team across all aspects of the organization. Leadership involvement is also key in the follow-up of any incident. Alignment of leaders and the business in response to an incident is critical to being effective and responding as quickly as possible.

Public Relations

Following an incident, the public relations representative will be the primary point of contact between the company and users. Key responsibilities in preparation for this are the development of comprehensive information-disclosure policies and working with other teams to develop responses to possible scenarios to specific types of incidents.

Legal

As the team responsible for overseeing contracts and company liability, Legal has a key role in developing a legal framework for employees and others who work with the company to ensure that reasonable measures are taken to protect the integrity of the company’s data and intellectual property. In the period immediately following an incident, Legal leads the efforts to determine company liability and ensure that legal obligations with respect to disclosure and notification are handled appropriately.

Human Resources

During the initial development of the incident response team, HR has the responsibility to ensure that the right people are in place, whether they come from within the company, or they’ve  been recruited outside the organization.

HR also has a responsibility to work with the other teams to develop employee policies surrounding access to sensitive data, as well as educating employees about those policies and enforcing them as necessary.

Customer Service

As an outward facet of the company, customer service teams are in a prime position to identify and report potential threats to the company, as well as create a clear line of communication on incident status to users. In addition, they should be familiar with existing information-disclosure policies, and understand when an incident should be escalated and to whom. Representatives should also be intimately aware of data security requirements and potential threats that they may face in working with external users.

Risk Management

Finally, the risk management team is responsible for working with the computer security team to develop and implement policies which outline best practices to identify and mitigate risks before they become incidents. They should also work with other teams to develop and conduct vulnerability assessments, as well as identify and monitor threat detection metrics to function as an early warning system for potential incidents.

Strong Defense Allows for an Effective Offense

Incident response isn’t just the responsibility of the IT Department. While IT does play a critical role in the response team, it is the concerted effort of all teams across an organization that allows for the appropriate, unified, and coordinated response to an incident. Once a company has developed a strong defensive strategy for handling incidents, they should then turn their focus towards identifying risks and mitigating them before incidents even occur.

 

The post Who Handles the Call? appeared first on PagerDuty.

Read the original blog entry...

More Stories By PagerDuty Blog

PagerDuty’s operations performance platform helps companies increase reliability. By connecting people, systems and data in a single view, PagerDuty delivers visibility and actionable intelligence across global operations for effective incident resolution management. PagerDuty has over 100 platform partners, and is trusted by Fortune 500 companies and startups alike, including Microsoft, National Instruments, Electronic Arts, Adobe, Rackspace, Etsy, Square and Github.

Latest Stories
Regardless of what business you’re in, it’s increasingly a software-driven business. Consumers’ rising expectations for connected digital and physical experiences are driving what some are calling the "Customer Experience Challenge.” In his session at @DevOpsSummit at 20th Cloud Expo, Marco Morales, Director of Global Solutions at CollabNet, will discuss how organizations are increasingly adopting a discipline of Value Stream Mapping to ensure that the software they are producing is poised to o...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
For financial firms, the cloud is going to increasingly become a crucial part of dealing with customers over the next five years and beyond, particularly with the growing use and acceptance of virtual currencies. There are new data storage paradigms on the horizon that will deliver secure solutions for storing and moving sensitive financial data around the world without touching terrestrial networks. In his session at 20th Cloud Expo, Cliff Beek, President of Cloud Constellation Corporation, w...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
SYS-CON Events announced today that EARP Integration will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. EARP Integration is a passionate software house. Since its inception in 2009 the company successfully delivers smart solutions for cities and factories that start their digital transformation. EARP provides bespoke solutions like, for example, advanced enterprise portals, business intelligence systems an...
IBM helps FinTechs and financial services companies build and monetize cognitive-enabled financial services apps quickly and at scale. Hosted on IBM Bluemix, IBM’s platform builds in customer insights, regulatory compliance analytics and security to help reduce development time and testing. In his session at 20th Cloud Expo, Tom Eck, Industry Platforms CTO at IBM Cloud, will discuss how these tools simplify the time-consuming tasks of selection, mapping and data integration, allowing developers ...
SYS-CON Events announced today that Outscale, a global pure play Infrastructure as a Service provider and strategic partner of Dassault Systèmes, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2010, Outscale simplifies infrastructure complexities and boosts the business agility of its customers. Outscale delivers a secure, reliable and industrial strength solution for its customers, which in...
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs oft...
Interested in leveling up on your Cloud Foundry skills? Join IBM for Cloud Foundry Days on June 7 at Cloud Expo New York at the Javits Center in New York City. Cloud Foundry Days is a free half day educational conference and networking event. Come find out why Cloud Foundry is the industry's fastest-growing and most adopted cloud application platform.
In order to meet the rapidly changing demands of today’s customers, companies are continually forced to redefine their business strategies in order to meet these needs, stay relevant and continue to see profitable growth. IoT deployment and development is integral in this transformation, and today businesses are increasingly seeing the value of investing their resources into IoT deployments. These technologies are able increase ROI through projects such as connecting supply chains or enabling sm...
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point where organizations begin to see maximum value is when they implement tight integration deploying their code to their infrastructure. Success at this level is the last barrier to at-will deployment. Storage, for instance, is more capable than where we read and write data. In his session at @DevOpsSummit at 20th Cloud Expo, Josh Atwell, a Developer Advocate for NetApp, will discuss the role and value...
As cloud adoption continues to transform business, today's global enterprises are challenged with managing a growing amount of information living outside of the data center. The rapid adoption of IoT and increasingly mobile workforce are exacerbating the problem. Ensuring secure data sharing and efficient backup poses capacity and bandwidth considerations as well as policy and regulatory compliance issues.
SYS-CON Events announced today that Cloud Academy will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud computing technologies. Ge...
When NSA's digital armory was leaked, it was only a matter of time before the code was morphed into a ransom seeking worm. This talk, designed for C-level attendees, demonstrates a Live Hack of a virtual environment to show the ease in which any average user can leverage these tools and infiltrate their network environment. This session will include an overview of the Shadbrokers NSA leak situation.
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @ThingsExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.