Who should be contacted FIRST in the event of a security breach?
Forensics analysis team
Incident response team
A security breach is an incident and requires a response. The incident response team would be better equipped
to deal with any incident insofar as all their procedures are concerned. Their procedures in addressing incidents
are: Preparation; Incident identification; Escalation and notification; Mitigation steps; Lessons learned;
Reporting; Recover/reconstitution procedures; First responder; Incident isolation (Quarantine; Device removal);
Data breach; Damage and loss control.