Given how cloud breaches are becoming more and more common, I would like to present a realistic process for dealing with them. I say realistic because this is probably already what is going on, but is not documented. So, here goes:

It starts with a proper management reaction when the vendor informs the firm regarding the breach:

Then your management will then need to do this privately:

But this should be their public reaction to the vendor’s notification:

Your developers will do this as they inspect the code:

Your security team will do this as they look at how the breach was done:

And then do this after they’re told they have to help clean up the mess:

Next, your developers will work hard on a new solution:

The security team will look over the developers’ solution and offer constructive feedback:

So the developers will take that feedback and refine their solution:

The network team may have some concerns on what the developers are hoping they can do in the datacenter:

Management may also have to deal with increased budget requests to implement the more secure solution:

And all the former employees are doing this as they hear the rumors and read the headlines:

And that, my friends, is how we can realistically deal with a cloud breach! I thank you for your time in reading this and hope it helps. 🙂