Published: 03 March 2020
Analyst(s): Consult the Board Research Team
This summary contains inputs from 12 members regarding the organization and operation of their Cyber Incident Response Team (CIRT). It identifies the number of security incidents members face each week, the initial triaging process, owner of the CIRT operations, and involvement of members’ legal, communications, and HR teams. The summary ends with an examination of whether members’ general counsels encourage them to change the scope of security incidents reported to CIRT.
Guiding Principles on Independence and Objectivity.