What to Do After a Security Breach

By Karen A. Frenkel  |  Posted 03-05-2014 Email Print this article Print

The U.S. cyber insurance market for 2013 was between $1 billion and $1.5 billion, according to Thomas Reagan, Large Risk Underwriter at Beazley USA Services, a British insurance company. Fewer than 25 percent of U.S. companies buy cyber insurance, but the industry is growing rapidly with estimates of 25 to 50 percent annual growth, Reagan says. Cyber insurance assures companies for all their digital and online risks, with data breach insurance being the biggest component. In 2013, there were 619 known data breaches in the U.S., often happening in business, education, healthcare, and government, with nearly 58 million personal or financial records being spilled or stolen, according to the nonprofit Identity Theft Resource Center. Cyber-attacks are so rampant and sophisticated these days that Reagan believes they cannot be avoided—and he offers these eight tips on what companies should do when the inevitable data breach occurs.

  • Preparation and Practice Make Perfect

    Just as companies have fire drills, they should practice what they will do when a breach occurs. Recognize that prevention is not enough, and practice your strategy before a breach happens.
    Preparation and Practice Make Perfect
  • Don't Panic

    A data breach is not a disaster, but mishandling one is. When the breach is discovered, calmly execute your plan, but recognize that breaches are a frightening experience.
    Don't Panic
  • Move Quickly But Stay Patient

    Wait for forensic results and law enforcement before you announce a breach. Why? It may be a false alarm.
    Move Quickly But Stay Patient
  • Don't Go It Alone

    Every breach is complicated and unique, so you will need different tools and external expertise for each one. Knowing who to call and what to do makes a big difference. You might need any or all of the following: forensic expert, lawyer, call center, mailing list vendor, credit monitoring service and crisis communication.
    Don't Go It Alone
  • Assemble the Right Team

    Data breaches affect all aspects of your organization. IT should not work on them in isolation. So besides mobilizing your legal department, you'll need finance to quickly write checks for vendors, marketing communications to talk about the breach, and human resources to communicate with employees and brief the board and executives.
    Assemble the Right Team
  • Get Legal Advice

    Hire only forensically licensed investigators otherwise evidence that may be important to a criminal investigation could be inadvertently destroyed. Maintain attorney-client privilege because everything you discover could be the subject of a lawsuit or investigation. Your counsel must be an expert in data breaches.
    Get Legal Advice
  • Someone Needs to Talk

    Crisis communication and management are important so that you determine the message about the breach and don't lose control of the situation. You will need to send a letter to customers, regulators and perhaps shareholders. U.S. states have different requirements for the content, so you must get your message right.
    Someone Needs to Talk
  • Identify Lessons Learned

    The experience of a data breach can improve future outcomes. Although data breaches are inevitable, you can learn from them and use those lessons to improve your operations.
    Identify Lessons Learned
Karen A. Frenkel writes about technology and innovation and lives in New York City.


Submit a Comment

Loading Comments...
Thanks for your registration, follow us on our social networks to keep up-to-date