Definition

data breach response plan

A data breach response plan is a course of action intended to reduce the risk of unauthorized data access and to mitigate the damage caused if a breach does occur.

Here are 10 crucial steps of data breach response planning:

  1. Use resources such as business impact analysis (BIA) and disaster recover (DR) methods to identify your organization’s most sensitive data and implement actions to protect data based on the severity of the impact a breach would have.
  2. Perform a high-level risk assessment of your IT environment and identify vulnerable areas.
  3. Implement measures to reduce the likelihood of breaches caused by human error.
  4. Address security on multiple levels: Educate employees on social engineering tactics; ensure that data is encrypted. Make sure that processes involved are as streamlined and automatic as possible to maximize compliance.
  5. Learn the specifics of current federal and state data breach legislation.
  6. Ensure that the breach response team has authorization to take necessary steps immediately when a breach occurs so that crucial time isn’t lost obtaining permission for action.
  7. Test your response plan frequently and address any weak areas as soon as they are discovered.
  8. Find contact information for forensic companies, law enforcement agencies and legal and public relations firms that you will deal with in the event of a breach and establish relationships now.
  9. Provide training for responders on, for example, evidence collection. Ensure that any required certifications are in place.
  10. Create a plan for how a breach will be disclosed so that the news will be communicated swiftly, transparently and effectively. Include your solution to the problem and a way for those affected to contact you. 

 

This was last updated in July 2012
Contributor(s): Ivy Wigmore
Posted by: Margaret Rouse

Related Terms

Definitions

  • encryption

    - Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties. (SearchSecurity.com)

  • firewall

    - A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules. (SearchSecurity.com)

  • ethical hacker

    - An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabiliti... (SearchSecurity.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About data breach response planPowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.