What should be an information security manager's FIRST course of action upon learning of a security threat that has occurred in the industry for the first time?
A. Update the relevant information security policy.
B. Perform a control gap analysis of the organization's environment.
C. Revise the organization's incident response plan.
D. Examine responses of victims that have been exposed to similar threats.
A. Update the relevant information security policy.
B. Perform a control gap analysis of the organization's environment.
C. Revise the organization's incident response plan.
D. Examine responses of victims that have been exposed to similar threats.