On Friday morning, a private organization starts experiencing problems accessing its systems. Within a couple of hours, the situation has worsened and access system wide is compromised. The day before the organization’s security team had received an anonymous call threatening the organization’s systems but the security team could not ascertain its origin or credibility and therefore did not act upon it. Now what?
Discuss what steps you would take, especially focused on the following questions:
- What information will be shared?
- With whom will it be shared and who will be responsible for sharing it?
- How will it be shared?
- When is it going to be shared?
- Why is being shared?
- Where is it going to be shared?
- Lesson’s learned?