The only thing in life that is certain is death and taxes, or so the saying used to go. Unfortunately, if you have a business then there is another certainty, a data loss incident. This might not be a hacker, in fact it is far less likely to be a hacker than someone inside your organization – and that someone could be you. Mistakes made by employees make up around 80% of data loss incidents. How many times have you received an email and thought “I wonder why they sent me that” followed swiftly by “Please delete my earlier email, I sent it to you by mistake.”
Today there are solutions which can help prevent the mistakes and alert people to potential issues. However, there is also a need for a plan when it does go wrong. This is not just about data loss, but any security incident which then needs to be resolved. While many organizations have a disaster recovery (DR) or business continuity (BC) plan for physical disasters, there is now a need for a plan for cyber. If you already have a DR/BC plan, then this can be a good place to start – if not, or you would like to see some of the other considerations, then read our new white paper on how to prepare for a Cyber Breach.
Preparation starts with understanding
Who will be part of the team, and what are the legal notifications which need to be given and when. After this it is about three steps that need to be covered in the event of an incident:
- 1. What… What actually happened, what information (or systems) are involved and how many people are impacted?
- 2. Inform and mitigate… Get the communications together to the various stakeholders and work to resolve the issue.
- 3. Ongoing… Just like any physical disaster, the ramifications continue past the point where systems are back up and running.
As with the DR/BC plans, this isn’t a set and forget, it will need to be developed and tested and then revised. The hope is that you will never need it, but if you do, you will be ready.