Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

GlobalCollect Data Breach Factsheet

9,555 views

Published on

Acting quickly after a data breach can help you regain security, preserve evidence and protect your brand. Use this checklist as your guide in the first 24 hours after discovering a breach.

Published in: Business
  • Be the first to comment

  • Be the first to like this

GlobalCollect Data Breach Factsheet

  1. 1. 5 steps to take after a data breachActing quickly after a data breach can help you regain security, preserve evidence and protect your brand. Use this checklist as your guide in the first 24 hours after discovering a breach… 1 Fact find Do you fully understand the facts and circumstances of the breach? To do: Interview the persons who discovered the incident Document the date and time of the breach Find out the type of data compromised and how it was stolen Secure compromised devices and preserve evidence 3 Alert your response team The team should start to carry out your data breach response plan. To do: Define the scope of the breach and its potential exposure – not just for your company but for other organizations you work with Identify where the jurisdictions lie of the data affected. This will help you to manage any legal and industry requirements 5 Communicate effectively Only once the situation is fully under control should you go public. If you only have partial, incorrect, or misleading information the incident will turn into a public relations nightmare. To do: Get all the facts first and then provide transparency on the issue as much as possible. Your PR team will need to be fully briefed in order to answer any difficult questions Contain leaks Inform and consider investor relations Draft and send data breach notices to customers/consumers and regulators in accordance with legal obligations and/or your communications strategy This includes your service providers, banks, affiliates and contractors. To do: Review the situation with your internal and external legal teams, your privacy and compliance teams, IT, PR and management Find out your legal obligations and duty of care Find out the number of suspected people and the type of information compromised Make sure you know which regulators and/or customers you need to contact and whether notice is required to comply with data breach notice laws Devise a strategy around the handling of communication with partners (proceed with care, as future legal claims may arise) 4 Contact your business network 2 Fix the issue Get a solid understanding of what’s happened, then make sure the problem is properly fixed. To do: Contain the problem and make sure there are no more leaks Identify other security gaps or risks Change all of your passwords Find out what to do if additional data misuse or other harm is detected (eg how to contact the appropriate law enforcement agency) Identify process improvements and vulnerabilities to avoid future breaches Review, update and test your incident response and management plan Need more advice and detailed information on how to prevent a data breach? Contact GlobalCollect compliance@globalcollect.com And finally, plan for the future

×