News and Announcements
Cyber incident/data breach response: Your emergency checklist
- Published April 08, 2015 4:46PM UTC
- Publisher Wholesale Investor
- Categories Company Updates
Source: DLA Piper, by Alex Christie, Sharon Rowe and Jacques Jacobs
A cyber incident/data breach places your organisation in crisis management mode. While this crisis cannot be avoided the steps you take (or do not take) in the aftermath of the incident can significantly reduce the impact that a data breach/cyber incident has on your organisation (both financially and on its reputation).
For a number of years we have been extolling the virtues of and requirement for risk management and planning (prior to any cyber incident/data breach occurring) as part of good governance, and we are always happy to assist you with this (and continue to recommend it). However, we realised that there is little information about what to do (and what not to do) when the inevitable happens. Whether or not you have cyber risk management and an incident response plan in place, any significant cyber incident or data breach is traumatic for the organisation and its people and we thought it would be useful to have a brief guide as to what to do and not to do in the immediate aftermath of such an incident.
The first 24 hours after you discover a cyber incident/data breach are critical to restoring security, minimising harm, obtaining and preserving evidence and complying with contractual and legal obligations. Our ‘Emergency checklist’ provides the executives of companies and the in-house counsel of those organisations with prioritised key steps to take (ie “What to do”) and key warnings as to ‘What not to do’ in response to a data breach.
To read the full story, please click here.