This phase focuses on the considerations that need to be made for communicating inside and outside the organization. This phase will take you through the following activities:
- Create an internal communications plan.
- Develop an external communications strategy.
- Manage the fallout from the incident.
- Consider customer compensation carefully.
- Appreciate the role of social media.
- Draft the Security Incident Response Communications Team Policy.
- Customize the Crisis Communications Guidelines and Templates.
- Run the tabletop exercises.
- Conduct a post-mortem review of the incident.
- Consider sharing information with your peers.
Use this phase as part of the full blueprint, Master Your Security Incident Response Communications Program.