Incident Type: ‘Accidental Data Breach Q Incident Description: A(n) lemployee Q ’mistakenly sent Q sensitive data to a(n) Severity: ’Medium Q 1unauthorized third parQ via ‘video 6 The data ‘includes Pll 6 Next Steps: OD Isolate affected systems O Notify affected individuals O Notify executive management O Notify IT staff QD Notify regulatory bodies Follow Up Actions by Security Operations Center: Provide additional training for employees Reset passwords for Increase monitoring v v Q on how to handle sensitive information QD affected accounts Q for suspicious activity Conduct an internal investigation to identify Review and update the company's v & v P pany Q any additional risks or vulnerabilities 0 data handling policies and procedures Analyst Recommended Technical Mitigation Measures: Q Implement Q Encrypt g Implement Data Loss I:l Implement Netw°|:| Implement Auditing Access Contr sensitive da Prevention (DLP) soft Segmentation and Monitoring Highest Escalation Contact: ’executive management Q
