CompTIA CySA+ (CS0-003) — Question 81

A regulated organization experienced a security breach that exposed a list of customer names with corresponding PII data. Which of the following is the best reason for developing the organization's communication plans?

Answer options

• A. For the organization's public relations department to have a standard notification
• B. To ensure incidents are immediately reported to a regulatory agency
• C. To automate the notification to customers who were impacted by the breach
• D. To have approval from executive leadership on when communication should occur

Correct answer: B

Explanation

The correct answer is B because regulatory agencies often require immediate reporting of breaches to ensure compliance with legal obligations. The other options, while important for communication strategies, do not address the urgent need to inform regulatory bodies about the incident.