Data breaches expose everything from government identifiers to user account log-in names and passwords. Criminals can use the stolen information such as name, address and date of birth, to file false tax returns, order credit cards and to take money from bank accounts. If you use the internet and have provided your personal details, you’re most likely a victim of at least one data breach. Data breaches are inevitable and waiting for a breach to occur before designing and testing an incident response plan is a recipe for failure. It’s now a question of when your organisation will be breached and how you will respond, not if you will be breached. 100% prevention simply doesn’t exist, so having a plan to deal with a security breach is now more important than ever. You probably already have an incident response plan, from a technical perspective with defined phrases such as preparation, identification, containment, eradication and lessons learned. Given the severe reputational damage that can arise from a high-profile data breach, a marketing and communications plan, along with a technical response plan, is now a necessity. Security heads must now learn about public relations and crisis management, as the changing facets of information security force the role to move from a technologist to a business leader and risk manager. As the role changes, you must now consider in the event of a breach what is required for communication to your customers, regulators, shareholders and to the general public. What will be communicated, how it will be communicated and what will be done to remedy the situation, must all be communicated quickly and across multiple mediums to the right audience. Honesty, transparency and accepting accountability are key to successfully saving your organisations reputation in the court of public opinion. Breaches are inevitable, but data theft is not. Remember, focusing on all five elements of a comprehensive security program: identify, protect, detect, respond and recover, will provide full circle protection and allow you to manage your risk…Click here to read full article.
