The majority of successful companies of today are well aware of common data security issues and put a great deal of trust into their own efforts towards preventing a data security breach.
However, as demonstrated by recent security breaches of several large, tech-savvy companies such as Target, LivingSocial, Facebook, Gmail, and Twitter, no set of security measures is completely infallible to a breach. What businesses of today have to then consider is: what is your plan of action after a data breach when your security and data loss prevention measures have failed?
We set out to get some pro tips from data security experts on what they would consider to be the best practices for after a data breach has already occurred. To do this, we asked 30 data security experts to answer this question:
"What's the most important next step you should take following a data breach?"
We've collected and compiled their expert advice into this comprehensive guide on what to do after a data breach. See what our experts said below:
Bill Rosenthal
Bill Rosenthal is the CEO of Logical Operations, which offers 4,600 titles in its training curriculum library, and Communispond, a business consultancy that helps businesses and individuals to achieve business goals by communicating with clarity and power. He writes thought leader articles on effective communicating for Harvard Business Review, Forbes and Chief Executive magazine.
When it comes to the important steps to take after a data breach, this is my advice...
Announce the breach quickly. You owe it to the people affected. You'll get points for promptness -- and brickbats for delays. Explain the scope of the problem. Don't try to minimize it because you'll lose credibility if you have to amend your statement later.
The apology should come from senior management. Speak directly. Don't waffle. Elton John sang, "Sorry seems to be the hardest word." Bite the bullet.
Be ready to answer tough questions. Anticipate the questions that will be asked and prepare concise, persuasive answers to them. Rehearse them so you can answer them without a script and without sounding like you're on autopilot. On television or before a live audience, don't repeat a hostile question; rephrase it in neutral language and then answer. When talking to an individual, look at that person in the eye as you answer. The question may be asked disrespectfully; don't lose your equanimity.
Express your personal remorse. But don't make it sound like you're suffering more than the people who were affected.
Follow up with a clear description of what's being done to prevent recurrence of the problem.