Comprehensive Incident Response & Breach Notification Procedures

This article consolidates our incident response and breach notification processes into a single reference, aligned with industry standards and backed by our published Knowledge Base documentation.

Audience: Customers, security officers, compliance auditors
Prerequisites: None


🛡️ Overview

eXpress badging® is committed to safeguarding customer data and ensuring that any potential security incident is handled with speed, transparency, and accountability. Our incident response framework is built around:

  1. Preparation – Documented processes, trained staff, and continuous monitoring.

  2. Detection & Analysis – Regular vulnerability scans and penetration testing.

  3. Containment & Eradication – Immediate actions to stop and mitigate threats.

  4. Notification & Communication – Transparent customer updates and breach notifications, if required.

  5. Recovery & Lessons Learned – Remediation, reporting, and process improvements.


📋 Our Incident Response Procedures

1. Preparation

  • All employees undergo background checks and cybersecurity awareness training.

  • Technical controls are aligned with NIST CSF 2.0 and ISO/IEC 27001 practices.

  • Routine penetration and vulnerability testing is performed.
    🔗 Cybersecurity & Compliance Overview


2. Detection & Analysis

  • Continuous monitoring of systems, applications, and network activity.

  • Vulnerabilities are identified through Fortra VM reports and prioritized based on severity.

  • Internal IT and external specialists review findings.
    🔗 Vulnerability Management & Remediation Process


3. Containment & Eradication

  • Immediate isolation of affected systems or accounts.

  • Application of security patches, configuration changes, or system resets.

  • Escalation procedures to senior management and technical leadership.
    🔗 Cybersecurity Incident & Breach Response Process


4. Notification & Communication

  • Affected customers will be notified promptly in accordance with applicable laws and contractual obligations.

  • Communications include a description of the incident, the type of data involved, and steps taken to mitigate impact.

  • Customers receive ongoing updates until full remediation is complete.
    🔗 Breach Liability Statement (new article 8/2025)


5. Recovery & Lessons Learned

  • Root cause analysis conducted.

  • Remediation measures applied and documented.

  • Incident formally closed only after validation by leadership.

  • Policy and process updates issued based on findings.


📜 Breach Liability & Customer Protection

eXpress badging® acknowledges sole liability for breaches directly arising from our systems, services, or personnel, subject to the terms of executed agreements. This accountability is backed by corporate insurance programs, including:

  • $2M Errors & Omissions (E&O)

  • $2M General Liability

  • Workers’ Compensation coverage for on-site staff

🔗 Breach Liability Statement


✅ Key Takeaways for Customers

  • You will be notified immediately in the event of a confirmed breach.

  • You will receive clear updates, reports, and remediation details.

  • You are not expected to carry the burden of a breach caused by eXpress badging®.



Last updated: 08/2025