Security breach often takes too long to come to the attention of the right people within the organization. The point is to make sure employees know what to look for (e.g., unusual activity on their workstations, a suspected compromise of a password and username, a lost USB fob, a stolen laptop, etc.) Implementing these types of policies or guidances will help establish the business was diligent in addressing the issue, guarantee management is promptly apprised of the problem, and minimize potential damages.”]
Source: https://www.csoonline.com/article/2136597/breach-procedures—who-s-on-first-.html