What to Do During a Data Breach

Data breaches can be terrifying to the average small business owner. A lot is on the line, after all, but how you respond during the data breach can have a significant impact on how well you weather the storm.


Isolate Your Network


The very first step you should take during a data breach is to half the flow of information. This means that you need to either isolate, if possible, or take your servers and machines offline so that you can protect important information and vital data.


Determine How the Breach Occurred and the Scale of the Incursion


This is where your data forensics team comes into the picture. They can work to help determine how the breach occurred and exactly what information, and how much information, was revealed in the process. You cannot go public until you have the details, but moving quickly is an absolute necessity.


Report the Breach to the Appropriate Authority – If Warranted


At its core, hacking is a crime. You may need to contact the appropriate authority in your state (this will vary from state to state). Your attorney can help you determine if contacting law enforcement is necessary and your best course of action for assisting with law enforcement investigations.


Determine Whether Public Notifications are Necessary


Not all breaches are created equal. Some breaches pose no risks or threats to consumers. This means they may not require notification. Different states have different laws on what types of breaches require notifications, so make sure you’re in compliance with state law (another area where your attorney is instrumental).


Notify Your PR Agency if Notifications are Necessary


Once you determine notifications are necessary it’s time to bring in your PR team. They will help you identify the most efficient notification process, draft an appropriate statement, create a press statement, develop a strategy for dealing with negative press, and handle leaks that occur during the process. Their role is to help you manage your public image throughout the crisis.


Contact Credit and Identity Monitoring Service


You should have a credit and identity monitoring service as part of your response team. Now is the time to bring them on board so they can help you get the right information to the customers and employees affected by the breach.


Identify Your Company Spokesperson and Release Your Statement


At this point, getting the word out in a responsible manner becomes your number one priority. You’ve crafted your statement, your response team is in place and now is the time to take action. Your spokesperson will become the face and voice of your company until the situation is resolved.


These are all the things you do during a data breach. One of the most important things, though, is one that needs to happen before a data breach. You need to have adequate coverage with cyber liability insurance. As businesses rely on computers for more and more each day, this valuable coverage is something no business can afford to go without.