A data breach is the release of secure or private/confidential information to an untrusted environment, this could include unintentional data leak and spill.
Some of the biggest names in the world have been found guilty of data leaks – Yahoo, Morgan Stanley, Tesco, Marriott International and Ticketmaster are some of Europe’s biggest ever leaks resulting in millions of customer account details being exposed, huge fines being issued and reputational damage and loss of customer confidence.
Today many organisations face a new set of operational challenges, which have accelerated rapidly since COVID-19 and include new dangers and threats. Criminals use this to target organisations to steal customer and employee information.
WHAT STEPS CAN ORGANISATIONS TAKE TO MINIMISE THE IMPACT OF A DATA BREACH?
CREATE A PLAN
Consider the type of data held and identify where potential attacks may occur, the best way to respond and plan how to:
Investigate and resolve any breach (who does what and how)
Notify relevant authorities
Communicate with the public and media (PR Strategy)
Preparing in advance and considering what resources will be required to deliver these, will dramatically reduce the response time.
A Cyber response team should include:
Incident lead; to coordinates the overall response.
Senior management; to maintain comms with stakeholders and investors.
IT Department; to identify cyber risks, compromised data and sanitise systems.
Customer Service; to develop and deliver messaging (phone, email).
PR/Communications customer communications, media coverage and response.
Consider external partners such as regulators, insurers’ legal advisers and data breach response specialists.
TESTING THE PLAN
Once the plan is established, practise its implementation and train staff to understand their responsibilities in preparing and responding to a breach. Regular testing will highlight any potential weaknesses and new areas that need to be covered.
Activities to include:
Employee security training and retraining at least annually.
Work with staff to integrate data security into work habits.
Limit the data employees can access based on their job requirements.
Update security measures regularly.
Invest in appropriate cybersecurity software, encryption and firewall protection.
Establish a method of reporting security incidents.
Update data security and mobile device policies regularly.
Once the test exercise is complete, debrief the team and review the exercise, highlighting any areas that need improvement.
Being prepared means you have the resources to respond quickly and notify all relevant parties in the event of a breach.
Acting decisively in the event of a breach is key to regaining security, protecting customers, maintaining confidence in the organisation and preserving vital evidence.
Keep a record of any personal data breaches and if the breach is likely to include individual data, the individuals must be informed without delay.
It’s essential to collect and record all the information about the data breach, record all actions and log all communications with regulatory bodies and third parties.
Customers are the lifeblood of businesses and keeping them informed in a timely manner is vital in providing reassurance, minimising distress and protecting the reputation of the organisation.
Consumer research from Experian found 90% of people would be more forgiving of organisations with a response plan in place. While 70% said they would stop doing business with a company that had a poor response.
Further advice and guidance, from the NCSC, on how to protect yourself from the impact of data breaches, can be found here.