The Discernible Blog
Tags
Beyond Damage Control: The Science Behind Apologies
A shift in mindset – from defending organizational pride to rebuilding stakeholder trust – can help guide more effective incident response.
Meeting the Moment: The Art of Apologizing After a Cybersecurity Incident
While the road to recovery from a security incident can be long and rocky, one part of the process is pretty simple: apologizing. At least it should be.
Maintaining Composure: Effective Emotional Regulation in Security Incident Response
The ability to remain calm and composed during an incident response is critical to a successful recovery. Yet, it’s challenging to do in practice if you’re unprepared. Written plans and procedures are great (and necessary for compliance). Still, execution is the hardest part, where human emotions often get the better of security teams and their partners across the business.
Empowering Business Leaders to be Savable Victims: Drawing Incident Response Insights from Rescue Scuba Diving
What does being a "savable victim" in the context of cybersecurity incident response look like? We draw insights from rescue scuba diving to emphasize the importance of self-awareness, effective communication, and remaining calm under pressure for both rescue divers and business executives during incidents.
My Top Takeaways from 2023 - and Your Resolutions for 2024
Here are three security communication patterns I observed the most often in 2023 and why you should resolve to address them in 2024.
📬 Mailbag: How do you manage/balance truthful communications about an incident/breach while mitigating legal exposure?
A reader asks: How do you manage truthful communications about an incident while mitigating legal exposure?
“The solution is not buying another server, it’s having better communications.”
Q&A with DEF CON founder and CEO Jeff Moss on the value of security communications.
📬 Mailbag: Are there any examples of good incident response communications?
A reader asks: Are there any examples of good security incident communications?
Keep Calm and Plan On: Expert Advice on Incident Response Communications
In this Q&A with Brooke Pearson, we discuss the relationship between internal and external communications as part of a comprehensive incident response program. Brooke is the former head of security awareness at Uber and Discernible advisory board member.
Turning Incident Response Communications into a Sustainable Security Communications Program
The best incident response communications are built on a foundation of strong, ongoing security communications. Here are a few thoughts on how to do that.
Communication Measurement and AI
There is a lot of promise for AI in making it easier and more cost-effective for organizations to adopt an outcomes-based approach to measurement instead of merely counting outputs. Imagine, for example, that we could use AI to quickly and more expansively track the impact of the specific content, language, and timing of incident response communications.
CUSTOMER CASE STUDY
The hallmark of Discernible’s approach is that incident response plans are designed to address a variety of security-related incidents regardless of severity or impact.
Preparing for Task Loading During Incident Response
Proactively planning for task loading in our incident response gives us more cognitive capacity to take in and make sense of more elements of the situation.