Data security breaches can have significant reputational, business, and legal costs for companies. Depending on the nature and severity of the incident, a data security breach can result in the loss of key business assets, cause public embarrassment, diminish customer goodwill, result in costly response and remedial requirements (including legal obligations), create contractual liability risks, attract regulatory scrutiny at the federal and state levels, and result in litigation.

While companies can reduce the likelihood of a breach by maintaining robust data security practices and procedures, the reality is that there is no such thing as perfect security. In other words, when it comes to data breaches, the question for most businesses will be not “if,” but “when.” Thus, to manage risk around data breaches, businesses must also have in place procedures to guide a quick and effective response.

Although every incident is unique, these procedures generally should include the following steps:

1. Develop Your Plan Before the Incident

Develop a written incident response plan before an incident occurs, and then test it against a hypothetical scenario (a tabletop exercise) so that gaps surface in rehearsal rather than during a live incident. Such a plan will not be a precise script for every incident, but it ensures preparedness—that the right team, roles, contacts, and procedures have been identified in advance. This matters not only to expedite a response, but also to address regulatory risk: if a breach draws regulatory scrutiny, the company will need to demonstrate that it had a reasonable plan in place to address incidents and made a good faith effort to follow that plan, so the plan, its tests, and its execution should be documented.

2. Assemble an Incident Response Team (IRT)