Our series continues to track the progress of an organization under pressure from a security breach. Enterprises can reduce the impact of breaches and similar emergencies is to consider a few simple steps to a more resilient enterprise:
Key essential thinking ahead for responsibility, taking actions, and communications:
Have a specific list of responsible people – and backups for overall and tactical decisions. (Executive and line managers – and their designated backups.)
Set up a primary person responsible for key tasks – and their designated backup. (In the case of a toxic spill – who is responsible for telling regulators what and when.)
Identify key actions where a decision is needed and when. (Knowing when you will fall back to taking orders on the backup applications for a data center.)
Set up specific channels for dispersed people to talk to each other. (Key call-in or web-portals where private conversations of key individuals get to converse on a pre-established schedule.)
Who and when will communications occur with outsiders (first responders, public, press, government, regulators, stakeholders, resources)
For most enterprises, many of these elements fit on a single sheet of paper in two columns – who is responsible, their backup, and the communications paths. Keeping this up-to-date on a daily basis is surprisingly difficult (executive travel, vacations, remote working, etc.). A simple pattern of deciding is best, and still difficult to accomplish. Training the people and thinking about simple decisions ahead of time will prevent regret later.
If you’d like to hear more about preparing your organization to be more resilient contact us at
Comments