Dealing with a data breach: Cyber Response+

Dealing with a data security breach following a cyberattack is a complex, fast moving process. Whilst speed is essential, the right team and good co-ordination from the outset and preferably, in advance is key!

What should I do if I am experiencing or have discovered a data breach?

Contact us - we will initially obtain high level information around the scope of the incident and following this, an available member of the Cyber Response+ team will gather further information and deal with immediate issues.

You will then be contacted by a member of the Cyber Response+ team located in your jurisdiction to take this forward using our data breach framework to identify, contain and manage the breach.

If you’re currently experiencing a data breach incident, please contact one of our specialists and they will get back to you.

Data breach framework

Our data breach response framework is built into our approach and helps minimise your risk in the event of a data breach.

It guides you through a four-phase approach when preparing for or facing a crisis: Detection, Analysis, Recovery, and Response.

The framework:

• sets out key considerations to be taken account of during each phase, enabling you to categorise, prioritise, and assign responsibility for tasks (internal and external); and
• outlines the various structures, procedures, and guidelines needed to ensure you are well positioned to proactively enhance operational resilience.

Preparedness and operational resilience remains key to minimising losses, and it is crucial that organisations have standardised and embedded Incident Response Plans in place. We can help enhance your operational resilience by updating policies and procedures, carrying out dry runs of breach scenarios or running training and team workshops. The framework includes the following:

• Overview: legal definition of a data breach; range of associated risk and sources of loss
• Detection: Upon detecting a data breach, clients have quick access to our expert team via Cyber Response+, our hotline available 24-7, 365 days a year. Purpose, benefits and identification of a Core Response Team, and broader stakeholders; factual assessment of breach, evidence preservation and triage
• Analysis: impact analysis and containment activities; proper recording keeping and notification
• Recovery: determining steps to remedy the breach; engagement with law enforcement, regulators, media and other third parties
• Response: post-incident review; remediation of internal processes and procedures; identifying investments and activities to help prevent future incidents
• Legal issues and considerations: key considerations across the four-stages of the process.