Recent data breaches have left some large organizations reeling as they deal with the aftermath. They include the Target data breach, compromises at Home Depot, JP Morgan, USPS (which exposed employee Social Security Numbers and other data) and, most recently, Sony Pictures. The Sony hack also proved to be embarrassing to some of the company’s executives, as private email correspondences were exposed.
Collateral damage from data breach is significant: one in nine customers affected by a data breach stopped shopping at a particular retailer. According to LifeLock, a recent survey of corporate executive decision-makers found that while concern for a breach is 4 or 5 on a 5-point scale, only 10% to 20% of their total cyber security budgets go to breach remediation. Establishing an incident response plan in advance can reduce the cost per compromised record by $17.
While strengthening cybersecurity is important, the impact on breached organizations shows that preparing a response must be part of the breach-management equation. These breaches present an opportunity for business leaders and risk professionals to learn important lessons about how to protect their companies, customers and employees if a breach should occur.
Below are steps companies can take to establish a response plan, as well as information on the data breach landscape.