Creating a Data Loss Incident Plan - Slide 13

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20
Next Incident response planning-13 Next

Incident response planning

Business decision makers need to be familiar with the disclosure requirements of the regulations which govern their industry, including not only digital data but the controls over respective paper documents and redress procedures. It is important to note that some state laws conflict with one another, so it is very important to be intimately familiar with all requirements. Different types of data loss events may require different responses – e.g., the theft of important confidential corporate information by a former employee would be handled differently than the loss of thousands of employees' Social Security numbers, credit card data, or an e-mail list with millions of records, which could trigger obligations under the law. In most scenarios, messaging should include how the incident occurred, the scope of the incident, what steps are being taken to help individuals and what is being done to prevent a reoccurrence. All communications should be carefully coordinated with legal counsel and law enforcement to ensure legal compliance while preventing tipping the hand to the perpetrator and preserving forensics.

The Online Trust Alliance (OTA) advocates that all businesses create an incident response plan and be prepared for the likelihood that they will experience a breach or data loss in the future. The fact is breaches happen and often at the worst of times. Rather than be lulled into the belief it will not happen to your business, a well-designed plan is emerging as an essential part of regulatory compliance, demonstrating that a firm or organization is willing to take reasonable steps to protect data from abuse. Doing so is good business. Developing a plan can help to minimize risk to consumers, business partners and stockholders, while increasing brand protection and the long-term viability of a business.

This slideshow highlights key questions and recommendations for businesses to consider while building a data loss incident plan.

More Slideshows:

10 Tips for Making Websites Stickier Develop an effective strategy to keep customers engaged.

The Mobile Work Force Today Mobile employees carry an average of 2.68 mobile devices, including laptops, smartphones and increasingly tablets.

10 New Smartphones for Business New smartphones for today's business user.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.