US Department of Justice issues data breach response guidance

The US Department of Justice has issued new guidance on how businesses should address the risk of data breaches, before, during, and after cyber intrusions. Among the recommendations are:

  • before formulating a response plan, an organisation should first determine which data, assets, and services warrant the most protection, and
  • the plan should be vetted by the organisation’s legal advisors to ensure that the organisation’s incident response activities remain on a firm legal footing.

Link: Department of Justice Guidance