Breach Notification , Breach Preparedness , Data Breach

Steps to Take Before Reporting Breaches to Authorities

Ankur Kushalka of Atos on the Need for Clearly Defined Investigation Process
Ankur Kushalka, general manager, InfoSec Practice Head, Atos

Organizations need to have a clearly defined process in place to investigate security incidents before they report them to law enforcement authorities, says Ankur Kushalka of Atos, a European IT firm.

See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach

"Before engaging with law enforcement agencies, it is important for firms to device an [investigation] process. Once you are attacked, there are ways in which the security team [can] analyze the nature of the attacks - were you targeted or were you just impacted?" Kushalka says.

"There are instances where CISOs want to report to LEAs, but organizations are reluctant for various reasons," he says. Therefore, before reporting breaches to the authorities, "CISOs have to get a buy-in from the management, all stakeholders and engage with the internal legal team," he says. "Once the process is in place, it easier to report incidents to police."

In this video interview at Information Security Media Group's the recent Fraud and Breach Prevention Summit in Mumbai, Kushalka discusses:

  • Why having an internal investigation team is important;
  • Why protecting only the crown jewels doesn't help;
  • Why checks need to be put in place for end users.

Kushalka has about 20 years of experience in IT and information security. He is the general manager and practice head for information security practice at Atos Global IT Solutions and Services. Kushalka has global exposure in diversified IT and security domains that include IT infrastructure management; IT security and compliance; IT project and program management; business continuity and enterprise risk management; transition, transformation and service delivery management; center of excellence for security practice; and competency management.


About the Author

Suparna Goswami

Suparna Goswami

Principal Correspondent, Information Security Media Group

Suparna Goswami is principal correspondent at ISMG Asia and has more than 10 years of experience in the field of journalism. She has covered a variety of beats ranging from global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine, and leading Indian newspapers like DNA and Times of India.




Around the Network