Planning for a Cyber Security Breach
Everyday there seems to be a headline regarding a breach of cyber security. From phone hacking scandals to major economic espionage, the security of data is increasingly at risk.
For companies that retain personal customer data, this risk is compounded, and they must consider how to not only protect against data theft, but also carefully develop a strategic response in the event that a data breach occurs.
Without a comprehensive response plan in place, companies are left to wonder what to do in the wake of such a data breach. Who must they contact, and how do they notify the affected individuals?
What should your plan be if your company’s data is compromised?
- First of all, plan to respond, and respond quickly. Silence is no longer acceptable, nor legal in most states, including Texas. You must plan to notify customers and clients regardless of the severity of the breach, and you must do so before they find out from the media.
- Know the laws of every state in which you do business. In Texas, the notification requirement was just extended, and applies to any company doing business in Texas and any affected individual, regardless of geography. These kinds of laws vary state to state, so make sure your plan is in compliance with each state in which your company operates.
- Tailor your message to the severity of the situation. Make sure you are conveying what information was compromised, the steps you are taking to protect your customers, and the steps they can take as well.
No company is immune from data theft, no matter the level of security protections. But, a strategic response plan can help protect your company from further damage beyond a data breach.