CompTIA CySA+ (CS0-003) — Question 382

An organization's Chief Information Security Officer (CISO) is organizing a tabletop drill. The CISO has included several other executives in the meeting invitation for the drill, as required. Which of the following is the best reason for including the Chief Communications Officer?

Answer options

• A. Deciding when and how to issue press releases regarding incidents can minimize damage to the organization's brand reputation.
• B. All of the organization's high-level executives should know about the IT department's incident response plan.
• C. All parties must be able to communicate clearly. concisely, and consistently during incident response.
• D. The CISO would like to increase the security department's visibility to senior executives.

Correct answer: A

Explanation

Including the Chief Communications Officer is crucial because they play a key role in managing how the organization communicates about incidents, which can significantly impact brand reputation. While other options emphasize communication and awareness, they do not address the specific importance of managing public perception during an incident.