Stop, Drop and Respond – Taking the panic out of a data breach

Your heart rate increases, palms a little sweaty – your phone has pinged with the news that there has been a data breach. You’re not yet sure of the who, what or how, but one thing is for sure – you need to act swiftly.

When a cyber security incident or data breach happens to you here is what you need to have in place as immediate actions.

The key steps than need to be taken are to contain the breach, assess the extent of the breach and the kind of information that has been compromised, and then determine if the breach is notifiable and act accordingly.

It’s no secret that a quick response to a data breach is critical to managing the breach as effectively as possible. But… here are the first practical steps that you would take when faced with the news that your system in compromised.

As with ghosts and other threatening spectres, the first question that comes to mind is “who you gonna call?” – and this really is a critical first step toward activating a response plan in the event of a breach. Know who the members of your organisations response team are. You need to be able to quickly and easily identify the person or people who will report and escalate an actual or suspected data breach.

The next question to consider is how you gonna call? If your organisation’s intranet is compromised for example, do you have the contact details of the relevant personnel?

It is key to success to know who to contact and how to do it. Increase your response readiness by knowing your external assistance providers such as IT, cyber security, crisis management and legal advisors.

When the need to take swift action is so pressing, sometimes it’s the smallest details that can create the largest delays to activating your beautifully crafted data breach response plan. Make sure that you and your colleagues know exactly how to activate your organisation’s response plan by preparing an ‘Emergency Data Breach Response Card’ that can sit in your wallet or on your mobile device. There is an example below to get you started.

Having the key contacts and critical first steps in an easy-to-use wallet-sized card, you could help take the panic out of a data breach and grease the wheels for a quick and effective response that ensures the best outcomes for you, your organisation and any affected individuals.

This isn’t the only solution, but, it is one that addresses the “Oh No!” moment nerves when you’re faced with this cyber incident news. Other ideas are welcome, please share.

Published by Brett

Brett is an experienced lawyer and business executive who focuses on commercial outcomes. He has worked across three sectors in England & Australia advising and leading initiatives in digital, media and technology

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s