When the computer incident response team (CIRT) finds clear evidence that a hacker has
penetrated the corporate network and modified customer information, an information security
manager should FIRST notify:
A.
the information security steering committee.
B.
customers who may be impacted.
C.
data owners who may be impacted.
D.
regulatory- agencies overseeing privacy.
Explanation:
The data owners should be notified first so they can take steps to determine the extent of the
damage and coordinate a plan for corrective action with the computer incident response team.
Other parties will be notified later as required by corporate policy and regulatory requirements.