A Legal Guide to PRIVACY AND DATA SECURITY 2025

• Evaluate insurance coverage and take appropriate steps to file a claim.
• What federal, state, and international laws are implicated by the “breach” or “incident”?
• Should law enforcement be called?
• Should an outside technical or forensics consultant be engaged?
• Should outside legal counsel be called?

Planning for a Security Incident or Data Breach. A response plan should be in place well in advance with details as to exactly how a security incident or an actual data breach will be handled. This plan should be reviewed on a regular basis with appropriate personnel educated on their responsibilities. This comprehensive data breach response and notification plan might be included as part of broader disaster recovery or business continuity plans.

Advance Planning and Preparation. The creation of the response plan should engage multiple business interests including legal, information technology, operations, finance, human resources, communications, and marketing. The involvement of upper management is essential. The plan should be widely distributed so that appropriate people will react in a timely manner.

Who in the business is most likely to first become aware of a security incident or data breach? The plan should ensure that employees at all levels know who to contact. Initial questions should be answered quickly and the information given to the appropriate person as efficiently as possible.

The security incident or data breach may pose harm to customers or individuals affected by the incident. Quick action may be necessary to contain the incident or shut down some portion of the network or system while assessing how the security incident occurred. The plan should
