Digital Forensics
Data Breach Incident Management

Data Breach Incident Management

Data or information of any type, stored by any means is important to a company and it has a colossal role in the reputation of a company.

Data Breaches in the past are known to have caused financial losses to big corporations. Around 450 million Dollars are threatened every year just to cybersecurity breaches. Direct and Indirect losses Both chip in equally towards the damages bore by the company.

Crisis Management

A data breach is considered a crisis because of the large losses incurred by the organization and the repercussions of the same. Previous researches on the matter have emphasized on protecting the repute of the organization, which is important for their sustenance.

Situational Crisis Communication Theory (SCCT)

It is one of the common management technique used. This was introduced by Coombs in 2007. He tried to explain it based on the three primary Responses: Denial, Diminish, and Rebuild. Along with this Bolstering and Scapegoating were the supplementary strategies that many companies used.

Denial: To act against existence of a crisis or blame someone else if there is no presence of evidence for a crisis.

Diminish:  To downplay the degree of the crisis and the company’s responsibility for the crisis.

Rebuild: To offer reimbursement or apologies for the crisis.

Bolstering: To emphasize positive past record of the company.

Scapegoating: It is often counted as a part of Denial strategy only as the strategy is not to accept the blame and shift it to a third party, But many risks are associated with this strategy and it can even backfire in certain situations and mainly depends on the responses from the stakeholders. It Is said that even though there is only one scapegoat the factors are many, so shifting the blame to multiple peers has also been tried and it all has negative impacts if the stakeholders and public find it later on, Therefore an Improved Model was formulated.

Public Communication Model

It is not something that is different from SCCT but it uses it to build a better perception of the company in the eyes of the common public, this model gives a discourse that a company uses to share the notification about the incident of a data breach.

Companies have learned to use psychological techniques in the vocabulary and the words they draw on in a public release, to influence the response from a reader and it is studied using an application called Textstat.

TextStat – It is an open-source, simple text analysis tool and it gives sorted word frequency lists and concordances of keywords with searchable contexts and citations.

Repetition of the keywords may emphasize the organization’s values, etc which can influence the reader’s mind. So, TextStat can be used to extract the frequency of words and we could get the complete list of the words used, to get a clear picture of what the company actually wants to show through their public release.

By Shijin S Mathew, “He is an ambitious, Data-driven individual with an excellent grasp of python and search engine optimization. Enthusiastic about applying the knowledge of various programming languages to the field of forensic science. Experienced in designing and developing sites from concept to roll-out, worked with Ecloto Designs as an Intern and assistant web Developer.”

Contributors (Forensic Yard)

Leave a Reply

Your email address will not be published. Required fields are marked *