Yes, We are SOMANSA

By Paige Boshell, TDWI

These five tips can help you build a thorough and reliable data-breach response plan.
For starters, “data-breach plan” is a misnomer. The risk management program is actually a prevention, detection, response, and resiliency plan. The plans are fluid and require regular reassessment, both at scheduled intervals and whenever a substantive change in or to a product, service, customer type, vendor, data collection, use or disclosure, or corporate structure is proposed or takes place.
Here are five best practices for data-breach planning.

1. Assemble Your Team
Stakeholder participation is critical. Identify your experts, both internal and external, to increase the effectiveness of your plan and ensure that your team is ready.
A decision maker is the captain of the team with the authority to decide to build, tweak, and implement your plan. Communications among the team will be horizontal and vertical, often simultaneously in the event of a breach crisis. The person in this position should be familiar with all of the team members’ roles and concerns and is responsible for post-breach messaging, which must be uniform internally and externally throughout the response and remediation phases.
Other potential external team members include public relations, law enforcement, and vendors (pre- and post-breach).

2. Inventory and Assess Your Data Breach Risks
These tasks are typically conducted as part of your data protection planning. For breach planning, ensure that:
• Risks that a breach may occur at any given point are identified in the data inventory, including each access vector
• The legal, fraud, reputation, and market risks that would follow if a breach occurs are known
• The administrative, physical, and technical controls are in place to mitigate these risks; the limitations of these controls must also be specified

3. Empower IT
IT should understand the concerns of each stakeholder so they can be addressed and documented in the plan. IT educates the legal and compliance personnel so they understand how the technology works with respect to data access and protection as well as breach prevention, detection, and response.

4. Build a Culture of Privacy and Security
Employees must understand how privacy and security relate to both the core of the business and their individual roles.

5. Use the Plan as Your Road Map
Deployment of your plan and its various phases should be practiced. In the event of a crisis, the plan should provide immediate and familiar guidance for each member of the response team.

A Final Word
Breach planning is essential in today’s cyber-environment. These efforts should be embraced by all stakeholders and evaluated continuously. Post-breach quarterbacking is absolutely essential for resilience and plan improvement.
