How to handle a breach of data in your organisation
11th September 2018

It’s a good idea for businesses to have both an internal and an external plan of action in place should a data breach occur. Your team will be better prepared and will have an increased chance of getting things right the first time. Ultimately, this could help limit damage to your software, management and overall reputation.

Nowadays, companies are becoming increasingly reliant on their banks of data, so if these are compromised and they can no longer gain access to this data, it could cause unparalleled interruption to the business across the board. We take a look at what you should think about to prepare your business in the event of a data breach.

Employee Training
All of your staff should be prepped on spotting and dealing with potential threats, and training should be given to facilitate this. It may be helpful to run through some test scenarios with all your employees to ensure they know the best practice to keep a business going in the event of a breach.

Communication
Your communication team will be vital should a data breach occur and correct training will ensure they know how to handle communications across the workforce and externally following a breach.

Media
Staff should be instructed not to talk to the media in the event of a breach. The CEO and board should start out by notifying stakeholders and regulators and then prepare a statement for a professional spokesperson to communicate to the public. There’s nothing worse than throwing someone with little experience into the line of fire without preparation, and a throwaway comment between a member of staff and an opportunistic journalist could be devastating to your business.

Technology and operations
The priority of your IT and operations teams will be to identify the cause of the breach and to secure the information as quickly as possible. Next, they will need to take steps towards recovering the systems and getting things back up and running again as soon as possible.

GDPR
You will need to be aware of who you need to inform in the event of a breach and the timescales in which this information is required. Certain types of data breaches need to be reported to the relevant authority within 72 hours. You may also be required to let the individuals affected know about the breach of their information if it is likely to result in a high risk to their rights and freedoms. In this case, you will also need to inform the ICO of the breach.

The key to handling a data breach as efficiently as possible whilst mitigating damage to your company’s systems and reputation is in the planning. It also helps to have a strong insurance policy in place to deal with the financial repercussions of such an attack.

Contact EIC Insurance Services to speak to one of our team about arranging cyber insurance for your company. Call us on 01442 286910 or email us for more information.
