How to Respond to a Data Breach
Since data breaches are becoming more common, how you respond to one can go a long way toward maintaining your business's reputation and keeping the trust of your customers.
As with any crisis, a quick and decisive response is critical. But here’s the problem: most breaches go undetected for a long time. A 2013 study conducted by Verizon found that two-thirds of breaches took months or years to detect. One-third of breaches come to light only when the company is alerted by law enforcement, a customer, or simply by accident. The longer a breach goes undetected, the more harm it can do to your business.
If you are unfortunate enough to experience a data breach, here are some suggestions on how to respond:
- Stay calm and take the time to investigate thoroughly. You might be tempted to quickly patch a hole so you can get your business back up and running, but this could leave you vulnerable to another breach.
- Get a response plan in place before you turn the business switch back on.
- Notify your customers, following your state’s reporting laws. Only 33 percent of the Ponemon study respondents who had experienced a data breach sent out notifications, even though 46 states require it. Not following through on this could subject you to penalties and further legal troubles.
- Call in your security and forensic experts to identify and fix the problem.