Incident Management
and Response Plan

Updated on December 26, 2023

1. Summary

This Incident Management and Response Plan outlines Truckin Digital’s structured approach, for customers in the United States, Canada (including Quebec’s Law 25), and Mexico, to handling potential threats such as intrusions, attacks, virus infections, data loss, and any other risks to computers and data, ensuring a swift and effective response to incidents.

2. Incident Response Team

The Incident Response Team (IRT) is tasked with providing a rapid, efficient, and structured response to computer-related incidents, including virus outbreaks, hacker attempts, data breaches, and interruptions to system services. Their mission is to mitigate risks, prevent data loss, and safeguard client trust and information assets.

The IRT is authorized to take appropriate actions to contain, mitigate, or resolve security incidents. The team is responsible for conducting timely and cost-effective investigations and for reporting findings to management and relevant authorities. These investigations are coordinated by the Director of Information Technology.

Incident Response Team Members:

Anel Ceric (Chief Architect / Director of IT) - aceric@truckindigital.com

Danilo Medic (Customer Success Lead) - dmedic@truckindigital.com

3. Incident Response Team Notification

For 24/7 incident reporting, the IT Department Help Desk serves as the central contact point. All computer security incidents reported must be escalated to the Director of Information Technology for initial analysis to determine if IRT activation is necessary.

Types of Incidents Requiring IRT Activation:

Breach of personal information (as governed by Quebec’s Law 25, requiring immediate notification and response to breaches of personal data)

Denial of Service (DoS) or Distributed Denial of Service (DDoS)

Firewall breaches

Virus outbreaks

4. Breach of Personal Information — Overview

This plan outlines steps to be taken when unauthorized access to personal information occurs, potentially causing harm or inconvenience, such as fraud or identity theft. Personal information includes any data that can be linked to an identifiable individual, such as Social Security numbers, driver’s license numbers, home addresses, and health information. Under Law 25, such breaches must be reported promptly, and necessary actions must be taken to mitigate the impact.

5. Definition of a Security Breach

A security breach is the unauthorized acquisition of data compromising the security, confidentiality, or integrity of personal information. Under Law 25, breaches involving personal information must be reported immediately to the appropriate regulatory authority, such as Quebec's Commission d'accès à l'information (CAI).

6. Customer Responsibilities

All customer employees must immediately report suspected or confirmed breaches of personal information to the IT Department, including any notification from third-party providers. Customer employees will assist in gathering information, preserving evidence, and supporting the investigation led by the IRT.

7. Classification / Identification of a Potential Incident

Incidents will be classified based on the level of risk to ensure appropriate action is taken.

High Criticality: Significant impact on business or client service (e.g., unauthorized system access).

Medium Criticality: Potentially significant impact (e.g., password cracking attempts).

Low Criticality: Lower impact incidents (e.g., firewall scans).

8. Response

Upon reporting, the IT Department will investigate and classify the incident. Steps include reviewing logs, inspecting system files, and checking for unauthorized services. Depending on the severity, the team may decide to shut down systems for containment.

9. Recovery

The Incident Response Program aims for efficient recovery, ensuring that vulnerabilities are eradicated and systems are fully restored. This includes closing the point of entry used by the attacker and preventing future breaches.

10. Periodic Testing & Remediation

The IT Department will test and review the Incident Response Plan quarterly. Systems should be scanned for vulnerabilities before remediation and re-scanned afterward to ensure all risks have been eliminated.

11. Incident Response Plan Example

Upon detecting an incident:

The IT Help Desk logs details (name, time, nature, and affected systems).

The IRT is contacted for a response strategy.

An incident ticket is created, categorizing the severity (high, medium, or low).

The IT Department investigates and preserves evidence for potential turnover to authorities.

Post-incident reviews are conducted, policies are updated, and lessons learned are applied to prevent recurrence.

Law 25 Compliance: Under Quebec's Law 25, any breach of personal information must be handled with urgency, ensuring the protection of data subjects and adherence to legal obligations regarding data privacy and reporting.

This plan ensures a structured and compliant response to incidents, safeguarding data and systems while adhering to applicable privacy laws such as Law 25.