Today's data breach landscape is unprecedented and complex. Every organization is facing potential enforcement of many interconnected and overlapping laws in multiple jurisdictions. Requirements for what constitutes a privacy breach or legal privilege, or what thresholds regulators are setting to hold organizations to account vary significantly.
What needs to be done? Should we call law enforcement? What about the General Data Protection Regulation's (GDPR) requirement to notify within 3 days? Should we notify consumers? Although there is no one-size-fits-all approach, here are some of the key do’s and don’ts when responding to an incident.
The 6 Things Not to Do During an Incident or Breach Response
Run an incident response manually in an Excel or Word doc
Waste time attempting to identify the appropriate personnel and organize meetings across time zones and jurisdictions to assign roles and responsibilities
Use insecure or undocumented communications with uncontrolled participation
Collect data using ad-hoc tools which cannot guarantee its integrity
Fail to enable legal counsel to supervise the investigation and forgo privilege
Miss deadlines due to a manual notification processes
The 6 Things You Should be Doing During an Incident or Breach Response
Automate your incident response plan
Assign roles and responsibilities and automatically communicate them to participants
Communicate through a secure external channel that preserves the opportunity to assert privilege
Investigate the incident using state-of-the-art forensic tools
Use AI To evaluate data and determine what data and which data subjects and jurisdictions were affected
Generate jurisdiction specific notifications automatically
To orchestrate a strong defensible response process, organizations need their own automated and encrypted incident and breach management system, configurable workflows and defined tasks for stakeholders, where the evidence of defensibility is generated by the activities associated with the response to a data event. See how Exterro Incident and Breach Management can help you orchestrate an efficient and defensible breach response process.