With the Massachusetts Data Privacy Law now in place (and presumably you are in compliance with it), you need to think about what to do if you have an incident.
Verizon has published the Verizon Incident Sharing Framework to help.
Our goal for our customers, friends, and anyone responsible for incident response, is to be able to create data sets that can be used and compared because of their commonality. Together, we can work to eliminate both equivocality and uncertainty, and help defend the organizations we serve.
The framework is set up to help classify incidents, their discovery, mitigation and impact.
Sources:
- Verizon Incident Sharing Framework
- Verizon Incident Metrics Framework Released on the Verizon Business Security Blog