Get a free quote
For More Information: (800) 731-1909
Posted Sep 30th, 2015

You’ve Got a Data Breach Response Plan. Now What?

The Experian Data Breach Resolution has released its annual 2015-2016 data breach response guide. New content focuses on ways that organizations can take their plans to the next level. While many businesses have developed solid data breach response plans, a study by Ponemon Institute found that most organizations have not discussed or practiced their plans enough. According to the Experian news release, which can be found here, 41% of surveyed executives said that they do not have time scheduled to review or update their plan, and 37% have not reviewed their plan since it was put into place.

“A response plan in a binder does not really prepare a company for handling a breach,” said Michael Bruemmer, vice president at Experian Data Breach Resolution. “Organizations need to develop what if’ scenarios that require a plan ‘B‘ and ’C‘. This is important because a breach may be intended to damage a company’s reputation, for extortion purposes or to compromise customers’ reputations. How should unique circumstances be managed? It should all be part of the plan.”

The complimentary Guide can be downloaded at http://bit.ly/1QUx19X.

Some of the Guide’s new content includes more step-by-step instructions, checklists and a preparedness quiz. Organizations that have not developed a plan yet will find the guide also offers content addressing the notification process, how to select external vendors and the public relations component of a breach response.

For additional data breach resources, including Webinars, white papers and videos, visit http://www.experian.com/databreach. Read the Experian Data Breach Resolution blog at http://www.experian.com/dbblog.”

76 percent

What can your organization do to protect itself from the risks and high costs associated with data breaches? Obviously, no company or government agency is completely immune to a potential data breach, but there are some important steps to take to minimize risk:

  • Encrypt sensitive data
  • At IT assets’ end-of-life, shred hard drives and other data-containing equipment such as smart phones
  • Have a well thought out incidence response plan in place
  • Update the plan regularly
  • Discuss the plan thoroughly and be sure that it includes “what if” scenarios
  • Use scanning technology to monitor your network for vulnerabilities
  • Provide periodic security awareness training for employees

 

Comments are closed