During a cyber incident, which of the following is the BEST course of action?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
During a cyber incident, the best course of action depends on the severity of the incident and the organization's incident response plan. However, among the given options, option D is the BEST course of action.
Option A, which suggests switching to using a pre-approved, secure, third-party communication system, may not be practical in all situations as it requires prior planning and setup. It may also be difficult to implement during a crisis situation.
Option B, which suggests keeping the entire company informed to ensure transparency and integrity during the incident, can create chaos and confusion, especially if the incident is severe. This option can also lead to unauthorized dissemination of sensitive information.
Option C, which suggests restricting customer communication until the severity of the breach is confirmed, can cause a delay in communication, leading to a loss of trust among customers. This approach can also lead to legal and regulatory issues if disclosure requirements are not met.
Option D, which suggests limiting communications to pre-authorized parties to ensure response efforts remain confidential, is the best course of action as it ensures that only those individuals who need to know are informed. This approach reduces the risk of sensitive information being leaked to unauthorized individuals, which can damage the organization's reputation and increase legal and regulatory risks. By limiting communications, the organization can focus on resolving the issue efficiently and effectively without unnecessary interference or distraction.
In conclusion, during a cyber incident, the best course of action is to limit communications to pre-authorized parties to ensure response efforts remain confidential.