Certain organizations have an incident response plan…And many people in management know that one needs to be in place. Of those that do have a plan, I have YET to see one that has a public relations component. You know those pesky news ferrets that will no doubt be calling, emailing, and worse shoving a microphone in your face when a breach occurs??
Well, here’s a good little piece on this very topic in the context of healthcare and HIPAA but it applies across the board.
If you don’t have a PR plan – make it happen. You don’t want to be caught with your pants down – literally – on this one.