What Is a Data Breach Coach and How Do I Get One?
As data breaches become increasingly complex, a new role has emerged to help organizations navigate their response and recovery. A breach coach can be an essential part of managing a data event, working with organizations to isolate the affected data, notify customers, retain necessary forensics professionals and manage crisis communications.
“Often, a breach coach is the first responder, coupled with the claims professionals of the carrier, to help the company triage the event,” says Tim Francis, Travelers Cyber Lead, who equates the role of breach coach to that of a general contractor for an organization. “They can help companies understand what needs to take place, the timeliness of what needs to take place, also, importantly, notification requirements.”
In an increasingly complex regulatory landscape, forty seven states, plus Washington D.C., Puerto Rico and the Virgin Islands, have differing regulations for notifying customers that their personal information was compromised in a data breach. Deadline requirements can be from 48 hours to “without reasonable delay,” says John Mullen, a breach coach and partner at Mullen Coughlin, LLC.
In his role as a breach coach, Mullen walks clients through a series of questions in the early stages of investigation that can help establish the scale and notification requirements of the breach. Among the questions he asks:
- What kind of data do you have?
- Where do you keep it?
- Who has access to it?
- How do you secure it?
- When do you purge it?
“These are questions that most companies cannot answer,” Mullen said. “You get hacked, and all of these questions become critical.”
An Evolving Role
“It has become a hugely important role and a comfort to the Risk Manager,” says Mark Greisiger, President of NetDiligence, a company that provides data breach crisis services to the insurance industry. Breach managers secure partners under privilege, so they provide their services to the client confidentially. They also secure discounted rates, which can offer savings to companies during a time of crisis.
Most commonly, a relationship with a breach coach is established as part of a business’ cyber insurance coverage. A breach coach can help the company secure a trusted forensics company to investigate the data breach and determine the extent of the breach. The forensics investigation identifies the potential legal issues, which vary depending on the type of data exposed. Different notification requirements apply to Personally Identifiable Information (PII), Personal Health Information (PHI) and Payment Card Information (PCI).
A breach coach can help secure crisis communications professionals to handle questions from customers, employees and the media, and establish a call center to answer inquiries from the public about identity monitoring and other questions.
