Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools

Trace:
wiki:policies:incident

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
wiki:policies:incident [2023/10/06 16:45]
katcow [Security Incidents] 		wiki:policies:incident [2023/12/13 21:02]
kholub
Line 28: Line 28:
 === System Utilization and Malware Detection === === System Utilization and Malware Detection ===
  
-At present, Nested Knowledge does not maintain an internal corporate network or provide company-issued computers. Should we set up a network or issue computers, Nested Knowledge will obtain baselines for processor, memory and hard drive utilization. These parameters may change due to virus, worms, malware etc.+Nested Knowledge does not maintain an internal corporate network, but does provide company-issued computers. The company exercises control and oversight over the applications on company-issued computers, including required security software. 
 + 
 +Nested Knowledge will obtain baselines for processor, memory and hard drive utilization. These parameters may change due to virus, worms, malware etc.
  
   * CPU   * CPU
Line 63: Line 65:
 For breachs likely to result in a risk to users or employees, Nseted Knowledge will [[https://www.ftc.gov/business-guidance/resources/data-breach-response-guide-business|notify]] a Supervisory Authority within 72 hours with: For breachs likely to result in a risk to users or employees, Nseted Knowledge will [[https://www.ftc.gov/business-guidance/resources/data-breach-response-guide-business|notify]] a Supervisory Authority within 72 hours with:
  
-  * categories of data and the number of data subjects affed+  * categories of data and the number of data subjects affected
   * our DPO's contact information   * our DPO's contact information
   * likely consquences of the breach   * likely consquences of the breach
Line 172: Line 174:
   * Laptops and Mobiles which are lost or compromised, cannot access our network without multi-factor authentication.   * Laptops and Mobiles which are lost or compromised, cannot access our network without multi-factor authentication.
  
-===== Key Contacts  =====+===== Key Contacts =====
  
 ^Name^Function^Contact| ^Name^Function^Contact|
Line 179: Line 181:
 |Kathryn Cowie  |COO - coordination, documenting response an decisions  | \\ [[kathryn.cowie@nested-knowledge.com|kathryn.cowie@nested-knowledge.com]]| |Kathryn Cowie  |COO - coordination, documenting response an decisions  | \\ [[kathryn.cowie@nested-knowledge.com|kathryn.cowie@nested-knowledge.com]]|
 |John Fallone|Lawyer - legal assistance| \\ [[john@fallonesv.com|john@fallonesv.com]]| |John Fallone|Lawyer - legal assistance| \\ [[john@fallonesv.com|john@fallonesv.com]]|
-|Dr. Dheerendra|Board Member  |dkommala@ecri.com| 
  
 ===== Security Incidents ===== ===== Security Incidents =====
 +
 +[Example]
  
 ^Timestamp^Event^Description^Reported By^Status| ^Timestamp^Event^Description^Reported By^Status|
 |01-17-2023 10:34 ET|Phishing email|Fraudulent email requesting payroll: moved to SPAM, blocked sender, and deleted.|Kathryn Cowie  |Resolved 01-17-2023 10:37 ET| |01-17-2023 10:34 ET|Phishing email|Fraudulent email requesting payroll: moved to SPAM, blocked sender, and deleted.|Kathryn Cowie  |Resolved 01-17-2023 10:37 ET|
  
-===== Revision History  =====+===== Revision History =====
  
 ^Author^Date of Revision/Review^Comments| ^Author^Date of Revision/Review^Comments|
wiki/policies/incident.txt · Last modified: 2024/04/12 16:01 by katcow

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki