Data Breach Planning 101

Data Breach Planning in 10 Easy Steps: How to Think Like A Litigator

When you have a breach, it’s not just the clients whose information has been stolen you’ll have to answer to… it’s their lawyers… and the regulatory agencies… and THEIR lawyers… and the media… and the court of public opinion. In short, you need to think more than a little bit like a lawyer when you start planning for the inevitable.

Along those lines, here are 10 easy steps to make sure that your data breach incident response planning is viewed from that pesky point of view of a litigator.

  1. Fail to plan = plan to fail.

  2. Big problems first, small problems later (don’t let the perfect be the enemy of the good).

  3. The criticality of the tone at the top cannot be overstated.

  4. You cannot prevent idiocy, but you can train (and retrain, and retrain).

  5. Make good email practices your fight song (in both times of calm, and times of crisis).

  6. Say what you mean and mean what you say (avoid good policies with poor follow-through; don’t set standards that you can’t meet).

  7. Avoid inconsistencies wherever possible.

  8. Know what your peers are doing (and if you aren’t doing the same thing, document why not).

  9. If you have a close call, document your decision and carefully consider whether you want privilege to apply or not (and why not).

  10. Think about your “story” in slow motion being played on a movie screen (or in excruciating detail on the front page of the Wall Street Journal).

Now that you’ve got this rolling around in your head, contact a professional to put it into a compliant format (better known as a WISP).

Click HERE to learn more

Posted in Breach, Compliance, Content, Incident Response, Legal, Risk Management
Tags: , , , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Visit Us On TwitterVisit Us On FacebookVisit Us On LinkedinVisit Us On Google Plus

Keep Current with What’s New in Cybersecurity

Email Address:

Name:


Cybersecurity News Daily

Provides a daily summary of what's news in Cybersecurity

Archives

Recent Tweets

Categories

Follow

Get every new post delivered to your Inbox

Join other followers: