Regardless of your business’ cyber security proficiency, no organization is immune to data breaches. That’s why it’s critical that every business develops and documents an Incident Response Plan. The plan outlines the steps your organization will take when you suspect data has been compromised. The faster your business executes the plan, the better positioned you will be to limit the impact on your operations, your customers and your reputation.

According to IBM’s 2021 Cyber Resilient Organization Study, 54% of organizations do not have an incident response plan that is applied consistently across the organization. Given the accelerating pace of data breaches, many observers caution that most companies will experience an incident at some point. The time to prepare your organization is now, before an incident forces the decision.

Building your breach response team

Key personnel must be trained and must understand their responsibilities in order to respond effectively when a security breach occurs. By identifying and containing a breach quickly, your business can save a great deal of money and avoid negative consequences such as regulatory penalties and lost customers.

When developing a data breach response plan, activities across all teams should be coordinated to reduce the chance of unintentional errors, such as two teams issuing conflicting statements or a system being wiped before evidence is collected. Here are some of the teams that should be involved in your plan, and the duties each should have:

IT and Security

Personnel should continuously assess the company’s data security gaps and train on how to detect vulnerabilities and apply the necessary security measures. They are also the first responders for the containment and remediation of a breach. Containment steps should be chosen so that they preserve evidence (logs, system images, affected accounts) needed for the later investigation and for any regulatory report, rather than destroying it in the rush to restore service.

Legal

The Legal Team may need to work alongside IT, depending on the severity of the breach, to identify legal obligations and provide relevant advice. This approach can help to minimize the possibility of government-imposed fines under regulations such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), or under foreign regulation (for example, the EU’s GDPR) if you have customers outside Canada.

PIPEDA dictates the notification requirements of your business. The law requires that you report any breach of security safeguards that poses a real risk of significant harm (RROSH) to an individual, both to the Office of the Privacy Commissioner of Canada and to the affected individuals, as soon as feasible after the breach is identified. PIPEDA also requires you to keep records of every breach of security safeguards, whether or not it met the RROSH threshold. The chances of litigation and fines are diminished when your business is already familiar with these requirements before an incident occurs.

Human Resources

The HR team will serve as the front line for communicating with employees, especially if their personal information was breached. They may also help equip employees with resources and best practices for further protecting themselves and their families, both before and after a reported security incident.

Marketing and Communications

This team is accountable for external communications: notifying customers and partners who were impacted and, where necessary, dealing with the press. They must work together with the Legal Team to make sure communications are timely and accurate, since an inaccurate statement can create legal exposure of its own. Timely notification demonstrates transparency, helping protect your business’ reputation and reduce possible customer turnover.

Developing a breach communications plan

As a reputable company, you are responsible for notifying law enforcement, other affected businesses, partners, employees and customers about the information that may have been disclosed. Post-breach communications may include explaining how the incident occurred, what information was compromised, what actions have been taken to remedy the situation, and how your business intends to protect affected individuals.

Authorized spokespersons should be identified in advance and prepared with answers, such as a formal Q&A document, so that no one is improvising under pressure. In addition, be prepared for inquiries to surface via phone calls, e-mails, social media and the press, and decide ahead of time who answers each channel.

Training and awareness

For your Incident Response Strategy to be effective, employees should periodically practice with simulated breaches. If an event does occur, response team members should already be familiar with the processes in the plan and ready to act. When executing your plan, keep a keen eye on potential roadblocks and improve the framework after every rehearsal. Rehearsing your Data Breach Response Plan routinely helps your organization be better prepared for an actual breach.

Ensure your business is protected

Making sure that your company has a well-thought-out and well-documented Incident Response Plan is key. On top of that, it’s important to ensure you have the necessary coverage should something go wrong. Cyber risk coverage is designed to support your business if its computer networks are breached. Visit our cyber risk coverage page to find out more!


This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information.