Melanie Ensign 9/24/24 Melanie Ensign 9/24/24

Maintaining Composure: Effective Emotional Regulation in Security Incident Response

The ability to remain calm and composed during an incident response is critical to a successful recovery. Yet, it’s challenging to do in practice if you’re unprepared. Written plans and procedures are great (and necessary for compliance). Still, execution is the hardest part, where human emotions often get the better of security teams and their partners across the business.

Melanie Ensign 8/26/24 Melanie Ensign 8/26/24

Empowering Business Leaders to be Savable Victims: Drawing Incident Response Insights from Rescue Scuba Diving

What does being a "savable victim" in the context of cybersecurity incident response look like? We draw insights from rescue scuba diving to emphasize the importance of self-awareness, effective communication, and remaining calm under pressure for both rescue divers and business executives during incidents.

Melanie Ensign 1/10/24 Melanie Ensign 1/10/24

My Top Takeaways from 2023 - and Your Resolutions for 2024

Here are three security communication patterns I observed the most often in 2023 and why you should resolve to address them in 2024.

Melanie Ensign 12/11/23 Melanie Ensign 12/11/23

📬 Mailbag: How do you manage/balance truthful communications about an incident/breach while mitigating legal exposure?

A reader asks: How do you manage truthful communications about an incident while mitigating legal exposure?

Melanie Ensign 11/13/23 Melanie Ensign 11/13/23

“The solution is not buying another server, it’s having better communications.”

Q&A with DEF CON founder and CEO Jeff Moss on the value of security communications.

Melanie Ensign 10/23/23 Melanie Ensign 10/23/23

📬 Mailbag: Are there any examples of good incident response communications?

A reader asks: Are there any examples of good security incident communications?

Melanie Ensign 6/1/23 Melanie Ensign 6/1/23

Keep Calm and Plan On: Expert Advice on Incident Response Communications

In this Q&A with Brooke Pearson, we discuss the relationship between internal and external communications as part of a comprehensive incident response program. Brooke is the former head of security awareness at Uber and Discernible advisory board member.

Melanie Ensign 4/27/23 Melanie Ensign 4/27/23

Turning Incident Response Communications into a Sustainable Security Communications Program

The best incident response communications are built on a foundation of strong, ongoing security communications. Here are a few thoughts on how to do that.

Melanie Ensign 3/27/23 Melanie Ensign 3/27/23

Communication Measurement and AI

There is a lot of promise for AI in making it easier and more cost-effective for organizations to adopt an outcomes-based approach to measurement instead of merely counting outputs. Imagine, for example, that we could use AI to quickly and more expansively track the impact of the specific content, language, and timing of incident response communications.

Melanie Ensign 2/14/23 Melanie Ensign 2/14/23

CUSTOMER CASE STUDY

The hallmark of Discernible’s approach is that incident response plans are designed to address a variety of security-related incidents regardless of severity or impact.

Melanie Ensign 6/7/21 Melanie Ensign 6/7/21

Preparing for Task Loading During Incident Response

Proactively planning for task loading in our incident response gives us more cognitive capacity to take in and make sense of more elements of the situation.

Melanie Ensign 10/29/20 Melanie Ensign 10/29/20

Rescue Diving and the Psychology of Security & Privacy Incidents

Melanie Ensign 7/20/20 Melanie Ensign 7/20/20

What is a Security or Privacy Incident? Hiccups, F*ck Ups, and Give Ups

Melanie Ensign 6/22/20 Melanie Ensign 6/22/20

Communication Gaps in Security and Privacy

The Discernible Blog