We wanted to share an alert with all the community members
Yesterday HCL data Breach was made public by a security research organization which is now in news. We wanted to share some best practices on how to handle such situations
Dos & Don'ts On How To Handle Such Situations
- Create A Public Page: Create a public page on how researchers can disclose vulnerabilities and breaches to your organization. Create a hall of fame or rewards program.
- Respond And Engage: Respond and engage with researchers who disclose breach or vulnerability.
- Appoint Headed Security Persons: Appoint headed security persons to interact. In our past experience when we disclosed such breaches in several cases we found that folks who were in denial mode and sometime rude to researchers. We need to be tactful not create new enemies. There are already a lot of them :)
- Do It Jointly: If such disclosing organizations requests for press release then do it jointly so that you can control the messaging
- Conduct Proactive Measures: Conduct proactive measures to know your attack surface and discover such exposures and breaches before it gets known to others
BTW, We are hosting a webinar on 'How to handle Breach Disclosures? Bug Bounty, Coordinated Vulnerability Disclosures and more..' Here is the link to join: Webinar
>> Sign Up for webinar on 'How to handle breach disclosures'