To maximise your chance of surviving a data breach, understanding, planning and testing are essential. Firstly understand what data you have, how it’s used and where it’s stored. This will allow you to develop both a technical and business response. The technical response covers closing the breach and isolating affected data and systems, stopping further breaches, analysing and understanding what happened and implementing the recovery plans. The business response covers the regulatory, customer, stakeholder and PR responses.
In the cybersecurity world, a common belief is that there are two types of organisations: those who have been breached, and those who don’t yet know they’ve been breached. It really is not a matter of “if” but “when”, so to be thinking ahead and planning your response plan to a breach is imperative. It is important that your cyber response plans have board level engagement and you should also be aware of laws governing the organisation’s obligation to disclose a data breach, such as those outlined in the GDPR regulations.