October 9

The Subtle Art of Planning for Incidents


The Wolf

Remember, Mr. Wolfe?

In Quentin Tarantino's 1994 masterpiece Pulp Fiction, Vincent Vega (John Travolta) and Jules Winnfield (Samuel L. Jackson) get into a bit of a situation when Vega accidentally shoots their backseat passenger while driving ("Oh man, I shot Marvin in the face"). They panic and quickly phone up their friend (Quentin Tarantino) to get the messy car off the street. Now Jimmy is none too pleased to find a vehicle with a dead body in his garage, mainly because his fiancee Bonnie will come home very soon after her night shift at the hospital. They call for help, and after a short while, the doorbell sounds, and Winston Wolfe (Harvey Keitel) shows up, looking very sharp in his tuxedo.

 In one of the film's most memorable scenes, Mr.Wolfe deals with this (literal) bloody mess in under 40 minutes. He is calm, professional, and knows exactly what to do. In the meantime, emotions flare. Vincent and Jules continue arguing about who's at fault and Jimmy is freaking out thinking about Bonnie coming home.

Winston Wolfe, he slowly sips his coffee and knows everything is going to be all right.

Become The Wolf

This entire scene is the perfect metaphor for what we do at BlackLynx when our customers have a security incident.

It might be that a former employee stole some information, you experience a ransomware attack or you have simply been hacked. Much like Mr. Wolfe, we bring calm and experience to an emotional situation.

We get this question a lot: why would we need an incident response plan?

It's simple, creating this teaches you to become your own Mister Wolfe.

Headless Chicken Syndrome

Let me tell you precisely what happens if you don't plan for incidents.

 Many companies experience what I call "Headless Chicken Syndrome" - I remember once standing in a tiny conference room with 37(!!!) people from four different departments and all in various states of panic shouting over each other. There's nothing like a severe security breach to expose the flaws in your organization.

This was one of the biggest companies I ever worked for. They never thought they would be put in this situation and panic ensued.

 And when you are panicking, bad things happen. Mistakes are made.

 The most common mistake when dealing with data breaches is to destroy the evidence you have against your attacker.

 For example, when faced with malware on a server – the last thing you should ever do is pull the power cord.

 Guess what the very first thing is an untrained person does.


 Other mistakes include trying to have your IT staff handle the incident - because guess what - you have to be trained to know how to handle evidence, so it is admissible in a court of law.

 Once again, this is where we come in and perform incident response and crisis management.

What does Incident Response Planning Look Like?

Preferably, we come before an incident ever happens and help you with incident response planning.

If you drive a car, you probably got into an accident at one point. Either you hit something, or somebody hit you. This type of situation might get emotional.

When you might be shaken up or angry, you are supposed to fill in the necessary insurance forms and agree with the other party on what exactly happened.

 So why not - before anything happens – take this insurance form you have to fill in and already prefill it.

 Or you create a flowchart with exact steps to follow and a list of emergency contacts to contact in that type of situation. The number of your insurance company, the repair center, the police, towing services, et cetera. So that once it happens, you mechanically follow the script.

You deal with it professionally and calmly, just like Mr. Wolfe.

Where can we help?

 If you want to know more about Incident Response planning and need help writing plans tailored to you and your company, send a quick email to security@blacklynx.be

 Let us teach you how to become like Mr.Wolfe !

(Minus the dumping of dead bodies, obviously)


cybersecurity, data breach, incident, incident response, planning

You may also like

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Worried about your data ? Need help getting ISO certified ? Or are you experiencing a data breach ?