This did happen in the United States, but it is a warning tale for all senior managers and board members – you are responsible.
Ex-Uber security chief sentenced over covering up hack – BBC News
Your Takeaway
- Your incident response plan must include a section on communications and reporting
- You need to know your legal reporting responsibilities.
- You need to know the information about an incident is reliable when it comes to talking about or reporting on the incident.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
My Ransomware Primer includes sections on what your incident response plan should look like: