Business Owner’s Guide to CMMC
Ep 9: Incident Response
Watch episode 9 of our Business Owner’s Guide to CMMC series with Ben Scully (Avatara) and Dan Langley (Lupa Advisors), or read the transcript below. Stay tuned weekly for new episodes containing actionable insights and an overview of each CMMC domain.
Video Transcript:
BEN: [The next CMMC domain we will discuss] is incident response. This is now assuming everything else that we’ve done didn’t work and something happened. So, let’s talk a little bit about incident response.
DAN: Alright. There are really three controls that we’re focusing on. It’s about planning; it’s about handling; and it’s about reporting your incident response. This is no different than when you were a little kid and you had a fire drill. Everybody lined out in the hall. You knew where you were supposed to go. Nobody panicked. Why? Because somebody thought through ahead of time, what is the policy, what is the procedure we’re going to do when we have an incident response? Sometimes those responses, depending on the business we’re in, have some legal requirements. There are certain people I have to inform. In the DoD space, there are entities that you have to inform. This is that whole plan, and this is going to be a documented plan.
BEN: I think that you have to think about it in two ways: technical response and communication response. Because, as an organization of technical people, there’s this classic, “I’m solving the problem, leave me alone” [mentality]. And you have to have a team that’s “solving the problem, leave me alone”, but there has to be somebody that’s communicating, as well, to the various constituents that are out there. So, it is a thought process around how we make sure we deal with the incident. But, again, as you said, what is the internal and external and who are all the constituents that have to be communicated to before, during, and after an incident.
DAN: Yeah. How do you communicate with your customers? Because they could be affected. Do you have any legal entities? Who, on the legal side, are you going to contact? What have you done to capture the environment? Not just address the fire, but remember all those data points that we were logging before? So, how do I go back after the smoke’s gone, after the flames are out, and [figure out] how did this start?
BEN: And one of the constituents that people oftentimes forget about is the insurance company.
DAN: Absolutely.
BEN: So, it’s really important for you to know [how the incident happened] when you’re contacting the insurance company, because that can impact how willing they are to help. So, that’s an important constituent to consider.
Next Episode
Watch Episode 10 on Maintenance.
Need help getting compliant?
Avatara’s DoD Platform is a turnkey solution for centralized data and easier compliance. Schedule a free consultation today to learn more.
