Data Breach Response – Why Planning is the Key.

BY: Justine Avera, EPB&B Producer/cyber Security Professional

 DIGITAL ASSET MAPPING AND NETWORK DIAGRAM:

• Do you know where your data is stored? 
• Are you aware of the information pathways and network touchpoints used during normal business operations? Network touchpoints are any computer used that then reaches out to another computer, a server, a cloud application or service where you might have data stored, or do billing and inventory management, or communicate with vendors and buyers such as  Dropbox, or GoogleDocs.  

BREACH REPOSNSE PLAN :

• who do you need on your team to respond to a breach or ransomware attack?  
• Do you have a procedure to investigate, respond and contain an attack.  
• Don’t forget to call your insurance agent!

DATA HYGIENE:

• Do you have a formal process for regularly moving data that is no longer frequently needed to secure, encrypted and air-gapped storage?

TESTING:

• Do you develop simulations and do sandbox exercises, including cyberattacks that happen might over the weekends and on holidays.

CYBER REPORTING :

• Law enforcement officials, CISA, and various regulatory agencies now require timely reporting – do you have a contact list and the information and forms needing to be completed to comply with reporting requirements?

Remember that each organization’s data breach response plan should be tailored to its specific needs, industry regulations, and risk profile. Regular testing and updates are essential to ensure the plan remains effective in the face of evolving cybersecurity threats. Businesses that don’t have a solid data breach response plan are often slower to recover, and experience greater reputational harm and operational disruption.  Cyber Security Insurance and a strong data breach response plan can turn a potential  disaster of epic proportions into a manageable event.