Cybercrime is a growing concern for businesses across the world. Partner and data theft expert Hugo Plowman outlines five things business leaders can do to protect their data before a breach occurs and if a breach takes place.
Hugo commented: "A crisis can feed paranoia and uncertainty. Yet basic alert mechanisms and security measures can help businesses to investigate a data breach quickly and accurately, before responding decisively to an incident if it does happen."
BEFORE A DATA BREACH
- Introduce the correct management structure and clearly define responsibilities. Create a crisis response team and train them regularly in how to respond to a breach.
- Recognise and register legal rights: make sure you have identified and taken steps to protect valuable data.
- Ensure compliance with regulatory obligations, including having adequate software and systems in place to protect your data.
- Introduce watertight contractual arrangements, cyber security policies and procedures then raise awareness about them and train your staff on how to implement them.
- Ensure your insurance policies give you the right cover. If you have concerns, it is within your rights to challenge your broker: this is still an emerging space.
AFTER A DATA BREACH
- Move quickly: you need to investigate who is behind the breach, how they have got in, what has been taken, when it happened and why.
- Contact your insurer and confirm your responsibilities in terms of appointing experts to contain, track and recover lost data.
- Decide who you need to notify and what they need to know - regulatory bodies may be expecting your call.
- Communicate with your customers, shareholders and staff: reputations take a long time to build and can be damaged in no time at all.
- Take legal action to recover your data and prevent its misuse.
If you have any questions about your business and its cyber security needs, please contact: