Incident Response (IR) refers to the cybersecurity processes that are triggered once a threat is detected or reported. Knowing who to report to under such conditions is critical. Time is also critical, as attacks occur in milliseconds. Reporting to the wrong entity can introduce minutes of misdirection, which can result in significant damage across the national network.
Few employees realize their critical importance. Security incidents are everyone’s responsibility. Industry research shows that many employees could have saved the day during breaches, yet failed to report to their Security team. Had the Security team been informed during the first indications, there would have been enough time to halt, contain and prevent the breach.
So what can you do to help thwart a data breach?
While you are on the go, it’s important to remember that the convenience of working remote means placing work data into public environments and networks. There are some best practices to keep in mind while you are on the road or at home. These apply to work and your personal life.
- Ensure you are encrypting all emails going outside the Fund office, regardless of whether an attachment is included or if there is a belief no PHI is included.
- Do not include PHI in the subject line as information in the subject line does not encrypt.
- Select the correct recipient of an email. Always double-check the name of the recipient before sending.
- When mailing or faxing documents, double-check the label or fax number and contents to ensure the correct information is being sent to the appropriate individual.
- When manually inputting information into the system, review for accuracy prior to saving to ensure information is accurate.
Zenith American Solutions, Inc. is not offering legal advice.
Please consult with the Fund’s legal counsel for legal guidance or legal recommendations.