Business Guide to Data Breach Response


Data breaches are affecting more organizations, from non-profits like Goodwill to the State of Louisiana. If a data breach happens to your business or organization, it may feel like the end of the world. While a data breach will likely impair relationships with your customers and suppliers, you will recover if you have a good data breach incident response plan and stick to it.

A data breach incident response plan is a strategy for mitigating the damage done by a data breach. It involves securing your operations, fixing your vulnerabilities, and notifying affected parties. Having a data breach response policy is the best way to attempt to keep clients and suppliers happy and regain trust in the event of a data breach.


Data Breach Response Checklist

Breaches have become so common that the Federal Trade Commission has outlined guidelines on how to respond. We have shortened the recommendations for your convenience, but you can review the original guide here. The following data breach response plan template works for businesses in most industries.

Secure Your Operations

The first step in any incident response plan for a data breach is to patch whatever security vulnerabilities allowed the leak to occur. If you have sensitive physical systems such as computers with advanced access privileges, lock them in a secured room. Change all passwords and review your security configurations. You will want to get to the source of the breach as soon as possible. Interview those who discovered it and anyone else who might be involved. Use data forensics to trace information flows across your network to determine where the vulnerability occurred. It is crucial not to destroy evidence of the breach. It will come in handy in the event of legal or financial ramifications.

Fix Vulnerabilities

The next thing to do is to refine your data access privileges. Consider the service providers you work with and the information you share with them. Remember that shared data is vulnerable twice, once while it is in transit and once when it is stored. For information that does need to be shared externally, ensure that strong encryption protocols are in place for the transmission and storage of the data. You will also want to review your network segmentation to ensure that no endpoints have access to data they don't need. The fewer points of access for your data, the more secure it will be. Be sure to review employee accounts to ensure that configuration best practices are being followed.

Notify Appropriate Parties

Because data breaches can be costly, notifying all appropriate parties as soon as possible is crucial. Understand that you may be legally liable for the data breach, so it is best to have an attorney review all communications related to the breach. That said, it is important not to hide details of the breach. In order to protect themselves and mitigate the damage, your clients and suppliers need to be aware of all relevant details of the breach. This includes what information was taken, who is in possession of it, and whether the information has been posted publicly anywhere. In addition to notifying the affected parties, you should notify law enforcement. While it may be appropriate to notify local police, in all likelihood, you will need to get the FBI involved. If the security breach involves mail theft, you may need to involve the US Postal Inspection Service as well.

Developing your Data Breach Response Plan

The data breach response checklist provided by the FTC is a helpful place to start, but it certainly can’t be the end of your data breach protocol. In order for the checklist to work, you will need to get specific about your business operations. 

Being prepared for a data breach will require you to inventory all of your IT assets, assess them for vulnerabilities, and document their configurations. It will also require a register of all company databases and the parties that would be affected were any to be compromised.

At Foresite, we take security seriously. As a trusted cybersecurity provider, we offer a range of solutions to ensure your network security. Additionally, we offer business continuity planning to help organizations plan and prepare for business disruptions from any cause, including a data breach.

Contact us today for a free quote. 
