Marketplace Pricing Download
Marketplace/ GENERAL/ cybersecurity/ Cybersecurity Breach Summary

Cybersecurity Breach Summary

Produces structured cybersecurity breach summary documents for regulatory and compliance use. Use when drafting breach summaries, incident response reports, forensic report syntheses, board updates, or regulatory notification prep. Triggers: data breach, cybersecurity incident, breach summary, incident report, forensic analysis, notification timeline, GDPR, CCPA/CPRA, HIPAA, state breach law.

ID: general.cybersecurity.cybersecurity-breach-summary Version: 0.1.0 License: Apache-2.0 Author: CaseMark Language: en Added: 2026-06-11
Try via MCP GitHub
⬇ Download

Cybersecurity Breach Summary

Legally defensible, source-attributed incident summary for executive, counsel, and regulator review.

Quick Start

  1. Gather incident reports, forensic analyses, system logs, and response documentation.
  2. Confirm privilege boundaries and confidentiality flags from counsel.
  3. Populate the template below with verified facts only — attribute each assertion to a source and date.
  4. Separate known facts from hypotheses or open questions.

Template

# Executive Overview
- Discovery date/time (timezone):
- Incident window (earliest to latest evidence):
- Incident type / attack vector:
- Affected systems:
- Data categories involved:
- Estimated affected individuals:
- Current status (contained/ongoing):
- Immediate actions taken:
- Material business impact:

# Incident Timeline
| Date/Time (TZ) | Event | Source (doc + date) | Owner | Confidence |
|---|---|---|---|---|

# Technical Summary
- Initial access vector:
- Vulnerability or control failure:
- Lateral movement / persistence:
- Exfiltration evidence:
- Integrity/availability impacts:

# Systems Affected
| System/App | Environment | Data Stored | Impact | Status | Source |
|---|---|---|---|---|---|

# Data Impact
| Data Category | Regulated? | Population Type | Est. Count | Jurisdictions | Source |
|---|---|---|---|---|---|

# Affected Population
| Population | Est. Count | Jurisdictions | Notes |
|---|---|---|---|

# Response Actions
| Action | Date | Owner | Status | Source |
|---|---|---|---|---|

# Notifications
| Recipient | Legal Basis | Deadline | Sent Date | Method | Summary | Source |
|---|---|---|---|---|---|---|

# Legal/Regulatory Assessment
| Regime | Trigger | Deadline Rule | Status | Notes |
|---|---|---|---|---|
| GDPR Art. 33/34 [VERIFY] | | | | |
| HIPAA (45 CFR 164.400–414) [VERIFY] | | | | |
| CCPA/CPRA [VERIFY] | | | | |
| State breach laws (list states) | | | | |

# Contractual / Litigation Exposure
- Contracts with notice obligations:
- SLAs or security addenda implicated:
- Potential claims and venues:
- Preservation actions taken:

# Insurance
- Carrier/policy:
- Notice sent (date/time):
- Coverage issues or reservations:

# Open Issues
-

# Remediation
| Gap/Root Cause | Corrective Action | Owner | Due Date | Status |
|---|---|---|---|---|

# Source Map
| Fact | Source Document | Date | Page/Section |
|---|---|---|---|

Pitfalls

  • Speculation: Label unknowns explicitly. Do not opine on liability — describe exposure factors only.
  • Timezone drift: Use consistent date/time with timezone; maintain a single chronological basis.
  • Jurisdiction scope: List all jurisdictions implicated by affected individuals, not just HQ location.
  • Unverified citations: Mark uncertain legal citations or deadlines with [VERIFY].
  • Privilege leaks: Keep privileged content in clearly marked sections per counsel direction.
  • Vague counts: Use ranges when scope is uncertain and explain the estimation basis.

Related Skills

GENERAL · cybersecurity

Cybersecurity Breach Summary

Summarizes cybersecurity breach incidents into structured legal and compliance records. Trigger when synthesizing incident reports, forensics, logs, …

CaseMark
GENERAL · cybersecurity

Compliance and Audit

Use when a project requires a compliance framework mapping, when risks need formal documentation, when audit evidence must be collected, or when prod…

Kaademos
GENERAL · cybersecurity

Comply

Regulatory compliance and audit agent. Maps business regulatory requirements (SOC2/PCI-DSS/HIPAA/ISO 27001), checks control implementations, designs …

seaworld008
GENERAL · cybersecurity

Comply

Regulatory compliance and audit agent. Maps business regulatory requirements (SOC2/PCI-DSS/HIPAA/ISO 27001), checks control implementations, designs …

simota
GENERAL · cybersecurity

Enterprise Evidence Pack Generation

Use this skill when generating ISO 27001 or NIST SP 800-53 audit evidence packs, compliance reports, evidence narratives, reviewer-ready control matr…

allsmog