It clearly goes without say that prevention efforts are not enough. Companies also need to proactively plan for the worst case scenario that a breach actually occurs. Data Breach Readiness is a state of preparedness where all of the key decision makers have been identified, the key support relationships have been put in place, the applicable legal and regulatory requirements have been assessed, and the plan for action is ready to execute in the unfortunate event that a data breach occurs.
Assign Responsibility For Data Breach Readiness
Setting up a Crisis Management team already established ensures the response and actions that follow are timely, coordinated and effective. Just knowing who needs to be consulted and who gets to make decisions puts companies ahead of the game when a data breach occurs.
Develop A Data Breach Readiness Strategy
Here, impacted customers typically receive a highly legalistic notification letter letting them know they are a victim of a breach, and urging them to be cautious. This may be the appropriate breach response for some companies despite the poor customer experience. However, it certainly does not represent the highest order of strategic planning for such a critical moment in your relationship with your customers. Ideally, institutions in possession of customer confidential information should take the time to explicitly decide upon a Data Breach Readiness strategy that is right for their unique circumstances. The response strategy must include fulfilling any legal or regulatory obligations.
- What data do we possess and how do we protect it?
- How damaging will the loss of confidential data be to our customers?
- Are we more concerned about the cost of breach response or the cost of lost business from a poor response?
- How damaging will negative public and regulatory relations be to our business?
- Do we want to offer a complimentary breach response product to impacted customers as a means of retaining their business?
- What tone do we want to take in our breach related customer communications?
- Are our answers above the same for all of our customer segments?
Choose A High Quality Identity Theft Protection Product For Impacted Individuals
When a data breach occurs, your customers can feel betrayed and at risk. Certainly, recovery from a breach involves expenses for legal professionals, IT staff, public relations and many other out-of-pocket costs. However, third party studies have shown that the biggest cost to businesses from a data breach is the loss of future business from impacted customers. How well you manage the breach response directly affects your future revenue line.
Test Your Breach Readiness Plan
Testing your plan regularly will help ensure that your plan is effective and that the right people within your organization know how to call the plan into action.
Communication and training are critical. Key personnel in each department must be aware of their own authority and responsibilities, but also how their role fits into the larger strategy for Breach Readiness and response.
These tips can greatly help in avoiding unnecessary data breach costs.
- How To Calculate The Cost Of Data Breach
- Dynamic Data Breach Insurance
- Country Ratings On Costs Of Data Breach