Which of the following should be communicated FIRST to senior management once an information security incident has been contained?
A. Whether the recovery time objective was met
B. A summary of key lessons learned from the incident
C. The initial business impact of the incident
D. Details on containment activities
A. Whether the recovery time objective was met
B. A summary of key lessons learned from the incident
C. The initial business impact of the incident
D. Details on containment activities