In an interview with BankInfoSecurity, IT Law Group Managing Director Francoise Gilbert, CIPP/US, says that organizations can glean lessons from the recent breach response of Zappos. Gilbert says that organizations should already have an incident response plan in place as well as breach notification action items for customers to help them take appropriate steps after an incident. "It's time for companies to have a (plan)," she says, "to be prepared to have organized their company, phone lines, forensics, to have established that relationship with the Secret Service, the FBI and so on." Additional topics discussed include the content of Zappos' breach notice, incident response missteps taken by the company and breach readiness tips for organizations.
If you want to comment on this post, you need to login.