In Incident Handling: When the Breach Occurs, computer security expert witness C. Matthew Curtin of Interhack Corporation writes:
Reputation is made or broken not on whether an incident takes place, but how well the incident is handled. Thus every security program includes a component on incident handling. Effectively handling adverse events requires planning and practice, paving the way for sound execution. In preparation, there are four questions every CIO needs to answer.
Full article: http://web.interhack.com/publications/incident-handling-cio