DATA BREACH LESSONS FROM THE TRENCHES

The growth of the digital business environment has created a data breach world. Recent breaches have cast the spotlight on the issue for organisations large and small, as companies are experiencing security incidents at an alarming rate with no signs of a slowdown. In fact, studies indicate companies are attacked an average of 16,856 times per year and many of those attacks result in a quantifiable data breach (Quantifying the Data Breach Epidemic, IBM, 2014).

Based on experience servicing some of the largest data breaches to date, we have a few lessons to share that offer guidance for successfully managing a data breach before, during and after an incident occurs.

While a data breach is inevitable, organisations can significantly reduce the costs and reputational fallout by preparing for a data breach in advance, starting with erecting a strong IT security posture, identifying a Chief Information Security Officer (CISO) or outsourced IT consultant and an incident response plan.

The response plan, similar to a fire drill, should be practiced and backed by a solid team which includes C-suite executives, IT, legal counsel, public relations and human resources. An up-to-date and practiced response plan can save an organisation on average $12.77 per record (Cost of Data Breach Study: Global Analysis, Ponemon Institute, May 2014). Multiply that by the hundreds, even thousands of records exposed in a data breach, and the savings can really add up.

Oct-Dec 2014 Issue

Experian Data Breach Resolution