Understanding the technical environment and relationships with stakeholders are the two most important pillars organizations should have in place during a breach incident, said the CEO of a communications firm specializing in security, privacy and risk organizations.

“Understanding the technical environment is particularly important … because when an incident happens, you don’t have weeks to figure things out,” said Melanie Ensign, founder of Discernible Inc.

Ensign spoke with Todd Fitzgerald, vice president of cybersecurity strategy at the Cybersecurity Collaborative, during a CISO Stories podcast by Security Weekly, sister brand of SC Media.

Having relationships already in place with external stakeholders, such as the media, law enforcement and regulators, is also important, she continued. 

“I need to be able to pick up the phone and call whoever I need and know that they’re going to pick up the phone, because time is of the essence,” Ensign said. “And trust is really important in that situation, as well.”

Click here to listen to episode 34 of the CISO Stories podcast: "Communications before, during and after the breach."

It’s unusual to have a dedicated person on staff with deep security knowledge who can provide communications support for an organization, she added.

The former head of privacy, security and engineering communications for Uber, Ensign said the CSO and CISO has been her No. 1 partner in creating a communications role at every organization she has worked for.