No Data Breach Response Plan? Take Action!

Five resources to help you get started on securing your data today

The average cost of a corporate data breach lands around $4 million, according to the Ponemon Institute’s Cost of a Data Breach Study. If we can take anything away from this staggering number, it’s that creating a response plan is more important than ever to protect your organization in the event of your information falling into the wrong hands.

A smart data breach response plan can help your company quickly discover what data have been stolen, how to explain the situation to your customers, clients, partners, government agencies, and other entities who need to be informed, and how you can determine the best course of action to ensure your organization’s information isn’t compromised further.

To create an effective plan, you need to be informed about the causes and long-term consequences of a data breach – including how breaches affect customer trust and how you can prevent them by using both new technologies and implementing tried-and-true security policies. The following five resources can help you formulate an effective data breach response plan:

1. Cyber Crisis Management: A Bold Approach to a Bold and Shadowy Nemesis by PricewaterhouseCoopers

This report, published by PricewaterhouseCoopers, one of the world’s leading management consulting firms, details how corporations and other organizations can formulate an integrated strategic response plan when dealing with a variety of cybercrimes. It also discusses the importance of constantly testing your response plan to ensure that it’s capable of dealing with the ever-changing nature of the digital threats businesses face daily.

2. Responding to a Data Breach: A How-to Guide for Incident Management by the PCI Security Standards Council

The PCI Security Standard is the golden standard for credit card information security. It is backed and co-created by major credit card companies including Visa, MasterCard, Chase, and American Express.

This guide specifically discusses the legal and reputational liabilities associated with a data breach of credit card information/n and details the steps that organizations can take to rebuild consumer trust and improve security protocols.

3. Introduction to Data Security Breach Preparedness Guide by Hogan Lovells US LLP (published online by the American Bar Association)

In this guide, international law firm Hogan Lovells details the essential—and often complex—strategies that companies can take to limit their legal liability and comply with a variety of state and federal regulations in the case of a data breach.

The guide helps companies understand their rights, responsibilities, and legal duties regarding consumer information and the best way to inform customers and partners of the breach. Suggestions include the creation of an inquiry response system, proper notification of liability insurance carriers, a full investigation into the breach, and proper documentation of all information security activities before, after, and during a data security incident.

4. Data Breach Response: A Federal Trade Commission Report

This FTC report provides comprehensive advice, strategies, and tips for securing your corporate data and preventing future breaches. The FTC offers specific suggestions involving data forensics, consulting with legal counsel, and securing physical areas that could be vulnerable to further data breaches.

The FTC report also suggests looking beyond the obvious nature of the breach incident to make sure your experts understand the full causes and effects of a breach. Data may have been unknowingly posted to your company website or randomly on other websites, so it’s important to make sure this data is secured as quickly as possible.

You can help yourself and other by utilizing forensics and IT experts to examine computer networks for the specific vulnerabilities that led to a breach and promptly informing the police. The report also reminds companies that, under FTC and HIPAA rules, if the breach involved electronic health information, you may have to report it to the FTC, HIPAA, and in some cases, the media.

5. Cost of Data Breach Study: Essential Reports on Todays Security Landscape by IBM

In this series of annual studies funded by IBM, researchers analyze and discuss the financial costs of data breaches for both U.S. and international corporations in depth. The studies break down breach costs by sector, as well as discuss both the global impact of breaches and countries that may be specifically vulnerable to data theft, fraud, and cybercrime.

These studies involved almost 400 IT, security, and computer forensics professionals worldwide who discovered that the cost of the average data breach is rising and that corporate vulnerability remains high across a variety of industries. One study also demonstrates how developing a business continuity plan helps reduce the overall and per-capita costs of a data breach, the time it takes to identify and contain a breach, and the likelihood of breaches in the near future.

When it comes to preventing corporate data breaches, knowledge is power, and these resources can help you develop an effective security policy for your organization. To learn more about ways to protect your business’s valuable information, contact the cloud security experts at CloudHesive today at 800-860-2040 or through our contact form for a free consultation.