In What the Defendant Can Do Wrong, security management and risk management expert witness Ira Somerson, BCFE, CPP, CSC, writes on tracking security incidents.
The trick is to create a policy and procedure with management’s strong support that ensures employees will report incidents the very first time they experience an incident or reasonable suspicion. Instead, senior management and house counsel persistently avoid doing this pointing to their concern of it creating a self-incriminating record. In fact, failure to understand one’s history and risks is the best route to self-incrimination. If employees believe that their customers and their own best interests are served, they will support a well developed incident reporting and loss tracking program. Discovery and investigation will more often than not identify that organizations do not perform this vital function and are therefor doomed to persistent security incidents.