How Your Business Should Respond to a Data Breach

It has been estimated that 143 million Americans have fallen victim to having their data taken after credit monitoring firm Equifax was breached. The data compromised includes Social Security numbers, full names, addresses, and driver’s license numbers, among other pieces of personal information. This is far from the first large-scale breach in recent years: large companies like Target, Wells Fargo and Yahoo have had their customers’ data breached, and earlier this year there were multiple large ransomware attacks on various businesses. The public response to the Equifax breach has, understandably, not been favorable; the business now faces at least 23 proposed class-action lawsuits. Regardless of the industry or the size of your business, everyone is at risk of a cyber breach. Protect your business with Cyber Liability insurance and take a look at these guidelines to reduce the impact of potential breaches.

Take care of the breach.

The first step to dealing with a data breach is shutting down the breach as quickly as possible. In 2017, there is no excuse for a business to not have cybersecurity measures in place and a plan that can quickly be enacted in the event of a cyber attack. Protect your network and your data with security measures, complex and frequently-changed passwords, and multi-step authentication, and segment your network so that, in the event of a breach, the affected portion of the network can be shut down without shutting down the entire network.

Your plan, which should be in writing, easily accessible to all employees, and regularly discussed and updated, should detail exactly what will happen in the event of a breach. It should designate who will be responsible for shutting down the breach and what everyone else should do, as well as how the network will be restarted. You should also account for business disruption and how you will take care of the potential losses resulting from the breach.

Address the public.

Shutting down a breach is difficult enough, but perhaps even more difficult is informing your customers that their personal information has been compromised. Obviously no one wants to hear that hackers have their data, but it’s imperative that you maintain a clear line of communication with your clients. Inform them of the breach as soon as you possibly can, provide as much information as you have, and continually update them with the status of the breach and what can be done to help them. Understand that your clients will likely be angry with you, communicate accordingly, and offer whatever you can to make the situation easier for them.

However, although you should communicate quickly, you should not abandon quality in favor of a quick response. In your cybersecurity plan, you should also designate who will be in charge of all communications with clients and official statements about these issues. All statements should go through them (whether it is one person or your entire PR department), and nothing should be posted without their approval as well as upper management’s approval.

 

About Axis Insurance Services

At Axis Insurance Services, we aim to help our customers identify their exposures and protect themselves. Founded in 1999, we offer insurance programs to a wide variety of professionals and industries including attorneys, real estate, healthcare, architects, and more, and also have a wholesale division. We pride ourselves on offering flexible insurance coverage tailored specifically to each customer’s needs. To learn more about our solutions, contact us at (201) 847-9175 to speak with one of our professionals.

Leave a Reply

Your email address will not be published. Required fields are marked *