Knowing how to respond well to a data breach is vital for every business. After all, time is money, and a well-developed, thoroughly tested response plan has been proven to save companies a bundle.
Ponemon Institute’s 2018 study found that leveraging an incident response team was particularly helpful, saving companies an average of $14 per compromised record against an average per capita cost of $148. Both outside experts and those within your organization can play a crucial role in your plan.
An outline of your action plan
There are four main steps in a data breach action plan, but a lot goes into each of those steps. Because of this, you need a well-prepared team at the ready. Being prepared increases your chances of emerging without damage to your business, your reputation, and your bottom line.
Step 1: Contain
Following a breach, your first job is to stop the damage from continuing.
It’s important to loop in legal counsel at an early stage. If privacy concerns develop, having breach counsel engaged under privilege from the get-go will help keep any information found at this stage privileged, protecting it from disclosure in legal discovery.
Step 2: Investigate
While investigating the breach, there are three questions you need to ask yourself:
- What data was affected?
- How did the event happen?
- Can you fix the problem yourself?
When you have clear and straightforward answers to questions like these, you’re off to a good start.
It’s important not to act hastily, but the sit-and-wait approach isn’t right for every breach. If you’re not sure what to do, your cyber experts and legal counsel will help you decide how best to proceed.
Legal counsel is an important ally during a data breach. They can help you protect privileged information and inform the necessary parties of anything they may need to know.
Step 3: Communicate
As of November 1, 2018, Canada’s federal Personal Information Protection and Electronic Documents Act will require organizations to notify affected individuals and organizations of certain data breaches that create a real risk of significant harm.
The act makes it more important than ever for companies to determine their legal obligations. And when it comes to sharing vital information, communications can fall into a few categories:
- External and internal communications: A public relations (PR) team can gather facts and work with legal counsel to craft an appropriate message for the public. Your human resources (HR) team oversees your employee communications.
- Notifying directors, regulators, and stakeholders: Your PR, IT, and legal teams must inform your board members of the information that’s been shared with the public, and keep them informed with frequent updates on developments.
- Identifying a leader: Dealing with a data breach is a lot of work and can take weeks or months, so it’s important that someone takes charge for the course of your response.
Step 4: Remediate
Once you’ve stopped any ongoing data leaks, you can begin your recovery. This will involve recovering lost data, preventing more loss, and understanding the varied repercussions of the breach. In many cases, this will call for expert guidance and hands-on help.
Access credit monitoring services
It’s customary to offer credit monitoring to potentially affected parties. This gesture can also work in your favour if you’re met with a class action lawsuit.
Be picky about partners
Outside help can be useful, but you don’t want to team up with just anyone. If you decide to involve vendors in your recovery effort, be sure they have experience with your type of breach.
Plan for litigation
There may be laws governing who you must notify after a breach. Investigate this beforehand, so you’ll know what you need to do once you contact law enforcement to report your breach.
Dealing with a cyber-attack can be stressful and expensive, so being prepared for such an event will go a long way. Want to learn more about what you can do to protect your business?
How we can help
Despite taking precautions, things can go wrong. That’s where the right insurance protection comes in.
Having the right coverage in place can help ensure that legal fees, fines, repair costs, and business interruption expenses do not fall solely on your business’s shoulders. That’s why Federated Insurance has developed a cyber risk insurance product together with CyberScout to protect your bottom line should you suffer a cyber-attack. Our coverage also gives you access to extensive cyber resources, reactive assistance, and personalized guidance.