Which of these actions should we do and not to do in case of security incidents? deleting forensic artefacts, hiding the security incident, informing the security team.
In case of security incidents, first you need to inform the security team. It is important to not delete any forensic artefacts or files so the security team can check what has happened. Hiding the security incident can have serious consequences for the company and should not be done.