-
-
- Review your state’s data breach laws and make a list of entities you have to contact.
- Contact law enforcement or consumer protection agencies, if your state law requires it.
- Contact your data security specialist or IT consultant. If you don’t have one, you may want to hire someone to perform an IT security audit so you’re less likely to experience another data breach in the future. BMT specializes in security audits.
- Reach out to your insurance company if you have Cyber Liability Insurance. Your Cyber Liability Insurance provider will pay for some of the costs associated with responding to a data breach, including (depending on your policy) crisis management, credit monitoring, and data breach investigation.
- Investigate the breach, compiling information as to where it occurred and what data was lost. (If you’re not particularly tech-savvy, hiring a security consultant to perform an audit may be wise.)
- Repair any security weaknesses, but keep records and evidence of the breach (which you might need to turn over to law enforcement agencies later).
- Contact a credit monitoring company about fraud and IT theft prevention services you can offer your customers.
- Set up a phone line or email address to handle incoming questions and concerns from customers.
- Post an announcement on your website about the data breach and how customers can reach you with questions.
- Notify individual customers (via email, phone, or mail, in accordance with state regulations).
-
Post Assessment & Planning
-
-
-
- Assess gaps and evaluate effectiveness of plans, procedures and staff training
- Adjust security and response plans and processes; communicate and train accordingly
- Stay current; test your plan often and remain aware of changing threats and law
-
-
Failing to prepare is preparing to fail. Take some time to review this checklist and get the ball rolling on a response plan today. Educate yourself on best practices, seek guidance on where you might be most vulnerable, patch any weaknesses, and develop a strong security response plan for potential incidents and recovery. Need assistance? We can help – contact us today to learn more: 973-276-0808 or [email protected]