I’m sure by now you’ve heard of the Home Depot security breach.
If you haven’t, it could be one of the largest of all time, as it may have affected up to 60 million customers (possibly more). Estimates suggest up to $2 – $3 billion in fraud may affect these accounts. When it’s all said and done, the breach may even become the largest of its kind in history. If massive retailers like Target and Home Depot aren’t immune to cyber thieves, why wouldn’t criminals try to hit smaller and often less-prepared manufacturers?
Here are some mistakes you might make in the wake of a data breach, and what you can do about them:
1. No Outsourced Help in Place:
You might be able to handle small breaches on your own. But what about big ones? You can’t just turn to the “computer guy” and expect him to help you. Make sure you have professional help available should something big and bad happen.
2. You Don’t Have an Attorney Lined Up:
There is no single regulation that governs how you’re supposed to keep customer information safe. It actually depends on who stole the information and the type of data they stole. And since you’re connected to the internet, it could be anyone, anywhere in the world. Having a legal staff on retainer is good business practice and can save you time and money should your data breach and thus data recovery involve the law.
3. Too Many Decision Makers:
If you are affected by a data security breach, you should have a single decision maker in place for dealing with the aftermath. They should ensure all aspects of the plan are carried out and should also communicate with all outside parties. You may have several members and many different teams, but you should have one final decision maker who has been involved in your data protection plan all along.
4. Unclear Communication:
Regardless of the business process, clear communication is always important. It’s doubly vital when trying to respond quickly to a data breach. Confuse people with inefficient processes and communication, and cyber criminals will have more time to steal more information.
5. Waiting for Perfect Information Prior to Acting:
As soon as you know you’ve experienced a security breach, it’s time to start acting. Make the best decisions possible with the information you have available. If you wait to have perfect information, that shortens your timeframe for notifying those affected, which can lead to more mistakes
Have a Good Data Protection Plan in the First Place!
Regardless of the size and type of the data security breach you experience, it’s going to be a nightmare to deal with. So rather than reacting to one, always test and refine your security measures. a good data protection and data security plan will save you time, capital, negative public relations, and a lot of stress.
Learn more about the author Bob Martin