data-breach-response-skills

Manages coordinated breach notification across multiple legal jurisdictions including EU member states (72-hour GDPR deadline), US state breach notification laws (varying timelines from 30 to 90 days), and other international regimes. Covers conflict resolution when notification timelines differ, lead supervisory authority determination, and parallel notification execution. Keywords: multi-jurisdiction, cross-border breach, notification coordination, GDPR, US state laws, international breach notification.

Conducts structured post-breach remediation using a lessons learned framework covering root cause remediation, control gap closure, policy updates, training modifications, monitoring enhancements, and regulatory follow-up. Provides a systematic approach to preventing breach recurrence and demonstrating accountability to supervisory authorities. Keywords: post-breach, remediation, lessons learned, root cause, control gap, policy update, training.

Builds a comprehensive breach response team playbook defining CSIRT and privacy team structure with named roles (incident commander, legal counsel, communications, IT forensics, DPO), escalation matrices, communication templates, pre-negotiated vendor contacts, and regulatory authority contacts organized by jurisdiction. Keywords: breach response playbook, CSIRT, incident response team, escalation matrix, communication templates, vendor contacts.

Determines whether a personal data breach triggers notification obligations under GDPR Articles 33 and 34 using structured risk assessment methodology. Covers breach type classification (CIA triad), data sensitivity scoring, volume assessment, identifiability analysis, and consequence severity evaluation. References EDPB Guidelines 01/2021 with 18 breach scenarios. Keywords: breach risk assessment, GDPR, Article 33, Article 34, EDPB, notification threshold.

Designs and executes tabletop breach simulation exercises for testing organizational breach response capabilities. Covers scenario creation with realistic inject timelines, participant role assignment, communication testing across internal and external channels, decision-point evaluation, and after-action report generation. Keywords: tabletop exercise, breach simulation, incident response testing, scenario design, after-action report.