4 Steps to Help Manage a Data Breach
Recent data breaches have made it clear that, just like the government, people, businesses and infrastructure are all vulnerable to cyber attacks. Unfortunately, many organizations are not prepared to quickly recover after an attack even though they may have taken some steps to protect their business.
It is critical that business owners know what to do to secure their systems and mitigate financial and reputational damage in the event they are breached. These four steps can help keep your business S.A.F.E. from a cyber data breach.
S: Set the Strategy
Thinking about how to respond to a cyber event after it happens is a poor strategy. Business owners need to consider cyber attacks just as they would any other risk – like fire, theft or severe weather – and plan for them as part of their business continuity strategy.
A post-cyber event plan should consider a number of issues, including:
- Notifying customers;
- Assessing the scope of the breach;
- Handling legal policies and procedures to report the event;
- Contacting your insurance agent and carrier;
- Managing communications.
There also must be a clear protocol in place to identify which employees are managing each component of the plan. For example, it is important to determine who will be responsible for informing the insurance provider and what information he or she needs to provide in the event of a breach. The plan should also delineate which departments, including IT, HR, public relations, legal and operations, are on the incident response team.
Identifying in advance how you will respond to a cyber breach will help save time and money in the recovery.
A: Assess the Breach
If an event occurs and data is exposed, it is important to quickly ascertain how widespread the breach was and whether systems are secure. Data should also be categorized to determine whether personal information was compromised, such as Social Security numbers, medical records or financial information. This will enable the company to accurately and quickly notify customers about what took place.
F: Fix the Problem
Companies should identify and use external resources to assist in managing a cyber event. A “breach coach” or attorney experienced in security and privacy compliance issues can assist with this. The “breach coach” can also help gather facts to develop the communication strategy surrounding the incident, such as when and where the breach occurred and actions being taken to recover. In addition, the breach coach can assist with documenting expenses, such as time spent recovering and estimates for the overall cost of remediation. These details are necessary to help re-secure a company’s data network, refine the internal and external communications plan and serve as evidence if the data breach results in a legal battle.
Your cyber insurance carrier or agent should be able to connect your business with an experienced “breach coach” to help it recover from an event.
E: Examine Your Systems
Once a company determines how, when and where the breach occurred, its IT staff should check to ensure that the data is secured with necessary patches or fixes. Systems should be tested and re-tested thoroughly to help identify process gaps and confirm that sensitive company and client data are secure.
Remembering the S.A.F.E. acronym and following each of the steps will help give your business an effective plan to make it through a cyber attack.