Bookmark and Share

Cyber Security Hot Topic: Responding to a Data Breach

Data breaches are one of the most significant cyber security issues companies face in our modern world. They can easily cost millions of dollars. Given the magnitude of the risk, responding to this situation properly can help a company minimize exposure, preserve critical evidence, and improve recovery time.

Below are some basic principles for approaching data breaches.

Have a Response Plan:

It is important to have a breach response plan in place. For most companies, it’s not a matter of if they will experience this, but when. The way a company responds to a data breach can significantly reduce its overall impact. A response plan sets a standard so the company can react quickly and efficiently in an emergency situation. Advanced planning ensures that the proper teams will be alerted and that they are aware of what needs to be done so there is little hesitation or confusion. Time is of the essence with this type of occurrence, the faster a company reacts, the quicker solutions can be put into place.

Don’t Delay Reporting:

It’s no secret that one of the largest issues creating backlash following a breach is a delay in reporting it to the affected customers and to the public. Reporting a breach as quickly as possible helps to preserve the maximum amount of trust as it demonstrates the proper regard for the interest of those involved. As mentioned above, having a plan in place allows a company to react quickly, this ties in with the ability to notify those affected. It is also a good principle to report a possible breach even if not completely confirmed. If enough evidence exists to support a breach may have occurred, the backlash from having to retract reporting one will be minor compared to any perceived lack of delay in getting the word out.

Fluid Numbers:

The reality is that even the best estimates may not be close to accurate in the early stages of a breach; therefore, it is important to properly frame any numbers reported to the public in the context of being tentative. If the numbers reported are much lower than what the reality turns out to be, this may be perceived as dishonest. While that is not likely to be the case, perceptions of that nature are best avoided in data breach scenarios.

Exceed Expectations:

It is important that a company has decision makers who have the awareness to be able to put themselves not just in the pockets but also the shoes of its customers. What would they expect if their critical information was compromised? It’s not enough to admit a mistake. The actions taken to correct the issue need to be disproportionately in the favor of those who have been harmed. For example, a company may offer a free year of credit protection to those affected by their data breach.

Recovery Plan:

There must be a plan for recovery in place after a breach. Once most of the short term ramifications are clear, it’s time to get to work. The recovery plan must be beyond what will be done for the affected customers. The question is what will be done to make the company more resistant to breaches in the future and how can it possibly make the future more secure for all? A company who answers those questions effectively will most efficiently regain the trust of its customers and investors.


Data breaches are a very costly event for any company. The impact of a breach, however, can be minimized with the proper preparation. Companies who thrive in the digital age will inevitably plan for and successfully navigate data breaches.