Reporting Playbook
Most incidents go from small to serious because someone saw something weird and said nothing.
Your job as a leader isn't to make people perfect - it's to make reporting normal.
The purpose
- Give people a safe, simple way to speak up
- Respond fast and fairly
- Learn from near-misses without blame
If you do that consistently, you'll build more trust than any new security tool could.
Make it easy
A good reporting system is:
- Obvious - people know where to go
- Quick - two clicks, not two forms
- Safe - no embarrassment or fear of punishment
Options that work:
- A dedicated inbox (e.g. report@yourcompany.com)
- An internal Slack/Teams channel (monitored by security)
- A simple web form
Flagged Tip
If your team can report a phishing email faster than they can make a coffee, you're doing it right.
Respond fast, close the loop
Acknowledge every report - even if it's minor.
People stop reporting when it feels like their messages disappear into a void.
"Good catch - we've checked it and blocked the sender. Thanks for flagging!"
A 10-second reply keeps them engaged for life.
Turn reports into stories
At the end of each month, share anonymised wins:
- "Finance caught a fake invoice before it hit."
- "HR spotted a dodgy LinkedIn request."
- "IT blocked a spoofed domain."
It reinforces the habit and celebrates the humans, not the hackers.
When it is serious
If something does escalate:
1. Contain (disable accounts, isolate devices)
2. Communicate internally (don't hide it)
3. Document what happened and what fixed it
4. Update training accordingly
Watch & Learn
(Video: Why early reporting saves businesses.)