• Common hand-offs of privacy incidents from organizational teams (and the pitfalls)
  • Where organizational silos cause challenges in the timely resolution of incidents
  • How a coordinated privacy approach that brings together disparate teams helps mitigate enterprise risk

Read more below.

how to avoid delays in incident resolution | radarfirst

The Privacy Collective with Sylvia Sandoval from USAA

Despite continued investment into security prevention, organizations report that the number of data incidents which occur has continued to rise year and year. Since breaches are inevitable, teams responsible for data management and incident resolution often measure improvement in mean time to resolution (MTTR), a metric which includes the input and action of several departments.

In October, Sylvia Sandoval, Director of Privacy Operations at USAA joined us for our 17th session of The Privacy Collective, “Breaking Barriers for Efficient, Collaborative Incident Resolution” to discuss how organizations can establish efficient incident response processes by connecting silos, establishing centralized teams, and building trust with communication.

View the full webinar here.

How Privacy can Facilitate Cross-functional Collaboration

Privacy leaders must find common ground in order to collaborate with other departments. When it comes to knowing the importance of data management across an organization, it’s crucial to understand what owning data means to each impacted group.

Successful data management at an organizational-level requires organization-wide input so before crisis strikes, it’s helpful to determine who a centralized team and team leader will be to help teams see beyond their own departmental operations.

“At USAA, we have privacy experts that live within the business areas. They’re certified and have privacy expertise for their bank product, but they may not necessarily have that expertise when it comes to an insurance product and what’s required of an insurance product in the privacy or protection of their customer on the insurance side,” says Sandoval.

With a centralized team, operating from a centralized playbook, there’s less room for duplicitous work because everyone understands their unique role in the group. With roles established, familiarity can be the key to expediting time to resolution. For leaders that means being familiar and acquainted with individuals within a team, and building pathways and trust to connect quickly to ensure effective conversations.

“Get out there and introduce yourself, and let other folks across your organization know who you are and that you’re the face of privacy. So when a new product or service should come on the books they know who to reach out to for any type of privacy concerns; and should an event occur, they know exactly who to go to.” -Sylvia Sandoval

Without assigned roles and responsibilities, teams in crisis response may not know what other groups are doing, “It’s almost like driving onto a highway without any signs. You don’t know what direction to go and you don’t know where the other vehicles around you are,” states Sandoval.

To avoid confusion, delays, and even redundant work, follow these best practices to enable cross-functional collaboration:

1. Establish a distribution list to avoid pitfalls during team handoffs

In initial communications, the impact of a distribution list can’t be ignored. From the start, you’re able to identify leaders from each team or business area and create a system of order within the group.

“Having that distribution list and making certain that you have the appropriate level of authority, as well as the subject matter experts on that distribution and then maintaining that list,” states Sandoval.

2. Maintain this list to accommodate for new hire and organizational changes

Change within organizations is common. Often team members leave the company or migrate laterally within the organization. And unfortunately, when it’s time to act, you may not have that representation for your team if a key privacy stakeholder is no longer around to spearhead incident response.

Updating your distribution list ensures all necessary stakeholders are involved in incident resolution from start to finish.

3. Host a meeting with those on the distribution list and set expectations

When hosting a meeting, distribution lists can be an effective way to set expectations and clearly identify roles within the team. Giving everyone a chance to articulate what their role is in a kickoff call affirms the team’s structure, breeds familiarity, sets everyone off in the right direction, and provides a clear agenda for what needs to be done.

“As you progress through the event management, you’ll have that initial meeting to speak about the event and determine whether or not you need additional individuals,” says Sandoval.

4. Include as much information as you’re allowed on meeting invites so all involved will have familiarity with the event prior to the meeting

Presenting information early and clearly can have a big impact to catalyze impacted teams. Preparing your team with an agenda ensures everyone understands the purpose of the meeting. Whether it’s the initial call to discuss the event or a status update on escalation, you at least have buy-in on how the meeting will operate and you establish a clear path to collaboration.

As regulatory expectations continue to increase, the importance of collaboration and documentation in incident response rises with them. It’s vital to have a well-documented storage of incident response and breach notification decisions to understand what occurred, who was involved, and how decisions were made.

Sign up to Hear the Latest from Privacy Leaders