Data Breach Preparedness & Response For Business Leaders
Not a week goes by without sophisticated attack targeting businesses : ransomware or theft of personal or sensitive data.
If managed poorly, a major security incident can result in financial, image and reputation costs. As a study reveals, if more CEOs are getting forced out for ethics violations1, they are also having to leave for data breaches2.
Most of our customers are aware of the risk of a data breach. We help them through targeted actions to prevent and prepare for management of this type of incident.
As we have seen on many occasions, awareness-raising actions are more and more common in companies.
Building a crisis response organisation is not an end in itself. You need to practise and update it (particularly the lesson learned).
The reason behind this is that the risk of data breaches will not disappear. This article is intended as the beginning of a response.
It is not meant to provide a turnkey answer that applies to all companies but is intended to illustrate some key challenges that your organisation may be facing.
The sooner your company gets organised and ready, the better it will be able to cope.
Some key actions to be implemented when discovering a violation of personal or sensitive data are :
1 – Collect information about the data breach
Some examples of information to be collected :
- Date, time, duration and location.
- How was the data breach discovered, by whom? And all the details known and missing as the beginning of the investigation ?
- Inventory details of compromised or missing data to be updated as the investigation proceeds.
2 – Contain the data breach
For digital or non-digital data, if you have established procedures apply it here.
If this is not the case, you should rely on expert reports, which will provide you with key actions to implement and possible risks guidance. But in this case, it is a real action plan that will have to be developed to eliminate vulnerability and prevent recurrence.
3 – Analyse all the impacts of the data breach
It is a question of collecting all the information after your investigation to determine the impacts: customers, image and reputation, regulation and financial.
For some matters, you will have to rely on internal or external expertise.
4 – Communicate
You will have to communicate with several key professionals: lawyers, authorities, insurers, clients, employees, media, …
To do this, it will be necessary to validate different communication strategies, to create a communication plan and to ensure its implementation and its follow-up.
You thought you were done with the main actions! This is not the case!
After the investigation, notification of data breaches and communication actions, we need to follow a new set of actions.
5 – Implement corrective actions
It is a matter of implementing all corrective actions to repair the damage caused to your organisation or to the customers concerned: to monitor the data and to provide customers concerned with support or compensation.
6 – Prepare for the litigation which may emerge as a result of this data breach, including court proceedings
Consider potential investigation by authorities on your premises and involving your staff.
7 – Perform a thorough analysis of the data breach to determine root causes in order to strengthen your internal practices
8 – Evaluate the effectiveness of the response to the data breach
This will lead to the revision of the crisis management process and the strengthening of your internal skills.
If you want a point of view adapted to your organization, contact us.