It matters how a business handles the aftermath of a breach incident
May 20, 2015
No business is insusceptible to breaches. However as we have seen already, the reputation of some of the recently breached large businesses were further tarnished because of the manner in which the incident was disclosed to the stakeholders. Here is some guidance to help address a breach situation.
- Look at an incident as not just an IT issue but as a problem of the entire organization. From the decision makers to legal, finance, human resources, every group needs to treat the incident as a crisis. Communication is key between the groups. Have an incident response plan ready, to be prepared for the various steps that need to take place in case of a cyber attack.
- Start the investigation immediately and try to avoid assumptions. Focus in on the types of data that are compromised and follow a plan for immediate damage control.
- Be consistent with social media messages and with the regular media. Let one person be the communicator so there is no wrong information disseminated, causing more harm. Prepare the message before going public and be coherent.
- An incident response plan generally consists of a table-top exercise. So, be prepared with a simulation exercise and practice it as many times as needed. Let the incident response team have access to one document for reference in times of need.
- A business in a breach crisis will be under scrutiny and it is best to speak the truth right from the get go. This can help rebuild trust and reputation. It is a chance to show the value a business places on the information and on the people whose information has been compromised.
For more help with other related topics on data security visit this page. If you need help with putting an Incident Response Plan together contact us or call 636-557-7777.