It happened. Your company just experienced a data breach. Now what?
Keeping in mind that each breach situation is unique, here are the general guidelines, inspired by the Federal Trade Commission (FTC) that can help your company make smart decisions in the wake of a cyber incident.
Stop Additional Data Loss
The first thing to do after a breach occurs is to work to stop additional data loss. All impacted equipment should be taken offline immediately, but remain on. Entry and exit points should be closely monitored, and authorized users should update their credentials and passwords as soon as possible.
Secure Digital and Physical Business Operations
Right after a cybersecurity breach, it’s important to quickly secure all business operations. When it comes to digital assets, ensure that all systems and networks are secure. Be sure to repair any vulnerabilities that may have led to the breach. If you believe that a physical part of the business led to the breach, double-check security and change access codes.
Contact Breach Experts
If your business has a breach response team, now is the time to contact them so they can begin their response, investigation, and recovery. If you do not currently have this team in place, it’s a priority to assemble a team of experts to execute a successful breach response. This can include but isn’t limited to forensic, legal, information technology, information security, operations, human resources, communications, management, and investor relations professionals.
Develop a Communication Plan
Create a comprehensive communication plan that reaches all impacted parties including employees, customers, investors, and partners. Anticipate the questions that will be asked by those affected and provide the answers clearly and concisely. Provide key details about the breach that can help them protect themselves and their information but do not include and information that could put them at further risk.
After working through these four steps, the next piece of your data breach recovery will likely include collaborating closely with your data breach experts to notify the appropriate parties as well as make changes to your organization’s cybersecurity processes and procedures for a more secure future.
These days, it’s not a matter of if your company will experience a data breach, but when. Knowing what to do after a breach occurs can help reduce panic and ensure that the proper steps are taken to reduce additional damage and implement an effective recovery strategy.
When Measured policyholders experience an incident, our team of highly experienced claims experts provides comprehensive support from beginning to end. It is Measured’s goal to keep businesses operating while assessing and solving cyber issues. Policyholders, learn how to improve cyber security with the resources available in Measured’s Insured Portal.