Know who to contact and have that information available

Ideally, you'll want all incident response roles and responsibilities defined within your plan so that everyone knows who does what and when. This will not only make it more convenient for notifying the powers-that-be about what has happened, but it'll also help set everyone's expectations so they're not caught off guard when they need to step in to help in the middle of the night. You'll want your contact information documented in your plan; just make sure it's stored somewhere else in addition to your workstation, server or PDA. Those systems may not be accessible in the midst of a breach.

Plan for a security breach, step by step

  Introduction
  Step 1: Define what "breach" means to your business
  Step 2: Don't overlook critical network infrastructure systems
  Step 3: Know who to contact, have that information available
  Step 4: Develop a simple yet methodical set of response steps
  Step 5: Get input from others affected by a security breach
  Step 6: Keep your momentum going

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well asThe Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He's also the creator of the Security On Wheels audiobook series. You can reach Kevin at kbeaver@principlelogic.com>.