The Problem of Breach Management

[Figure: Cyber Incident Life Cycle]

Question Summary

  • What is the problem?
    • In an ideal world, data breaches would never happen, but of course hacking is inevitable and will always be a problem. It would be extremely irresponsible for an organization not to have a well-documented plan for when (not “if”) it is hacked, one that reflects the organization's legal and ethical obligations to its stakeholders. There are many cyberattack response guides out there, NIST's probably being the most important, so you should be familiar with that one. It centers on a (non-linear) four-step process: Preparation; Detection and Analysis; Containment, Eradication, and Recovery; Post-Incident Activity.
  • What is familiar about this problem?
    • I think a lot of you know the famous Mike Tyson quote, which is perfect for so many contexts, including this one: “Everyone has a plan until they get punched in the face.” Responses to cyber attacks are like that. So yes, there should be a very specific plan, but you should also plan for what to do when the plan breaks down. That is your ethical plan.
  • Which ethical value is relevant here?
    • This is one of the few areas in which basically all of the ethical values are relevant. They should all be guides to your incident response:
      • Happiness
      • Autonomy
      • Fairness
      • Trust
  • What is a potential solution to this problem?
    • The principles that should guide your incident response are the same ones used for action analysis. These are what operationalize the ethical values:
      • Creativity
      • Dialogue
      • Empathy
      • Impact
      • A thorough description of these can be found here: Action Analysis