Wondering how to tell the world you've been hacked? Here's a handy guide from infosec academics

2020-09-24 16:46

Infosec boffins at the University of Kent have developed a "Comprehensive playbook" for companies who, having suffered a computer security breach, want to know how to shrug off the public consequences and pretend everything's fine.

In a new paper titled "A framework for effective corporate communication after cyber security incidents," Kent's Dr Jason Nurse, along with Richard Knight of the University of Warwick, devised a framework for companies figuring out how to publicly respond to data security breaches and similar incidents where servers are hacked and customer records end up in the hands of criminals.

Published in the Computers and Security journal, the academics' paper draws on previous well-known system breaches and security incidents such as the Ticketmaster hack before devising a flowchart for execs and their PR flunkeys alike to follow when bad things happen.

The flowchart and process does not advise the use of phrases such as "We take security very seriously," Nurse confirmed to The Register.

That phrase has become a standing joke within the infosec world whenever a company has suffered a data or security breach affecting individual customers.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/09/24/how_to_admit_youve_been_hacked/

#hacked #infosec