A multinational SaaS provider detects a major security breach involving unauthorized access to customer billing...

The EC-Council Incident Handler (ECIH) curriculum outlines structured communication protocols as a critical part of incident management, particularly when regulated data and external stakeholders are involved. When data breaches affect customers and fall under regulatory frameworks such as GDPR, organizations are legally required to notify affected individuals and data protection authorities within defined timelines.

The scenario describes communication with clients, regulatory authorities, and media representatives. These stakeholders are external to the organization. ECIH categorizes this as external communication, which must be carefully coordinated with legal, compliance, and executive leadership to ensure accuracy and regulatory compliance.

ECIH emphasizes that external communication must be controlled, legally reviewed, approved by executive leadership, and aligned with regulatory requirements to prevent misinformation and reduce reputational damage. This differs from internal updates or automated alerts.

Option A refers to automated technical notifications. Option C focuses on internal analysis discussions. Option D relates to operational containment communications during malware handling.

Therefore, the scenario emphasizes structured external communication intended for non-organizational entities.