When staring down the barrel of a potential data breach, incident response teams cannot afford miscommunications, which could lead to delays, wasted resources, higher monetary damages, or loss of attorney-client privilege. Coordination of procedures is a necessary first step, but plans lacking communication protocols are missing a key element. LEO attacks this issue head-on, leveraging lessons from NASA’s Mission Control Center in formulating effective communication processes for the incident response environment.
No incident response program, regardless of the maturity of its plan, will be successful unless the team members can effectively communicate with each other. This skill is not inherent, yet few, if any, incident response teams focus on communication protocols.
LEO’s head of incident response has taught classes on effective communication to flight controllers in NASA’s Mission Control Center, so it is not surprising that LEO’s incident response framework centers around effective communication between team members. Not only do we build it into the policies, the procedures, and the rules, LEO conducts communication simulations to help team members efficiently convey relevant information in a structured manner. Communication best practices are then deployed and refined during table top exercises.
Effective communication simulations are fun, lighthearted exercises that are generally well received by participants and often further used outside of the incident response environment. LEO’s instructor organizes the classes into:
1) communication organization,
4) intended recipients, and
5) doctrines and syndromes.
At the end of the day, we believe that these communication exercises result in a more confident and professional incident response team and environment.