Tips for Responding to a Data Breach

November 18, 2021

So, you’ve been hit with a data breach—now what? Unfortunately, this is an all-too-common occurrence, even with some of the new advanced data security and privacy controls that are available. If your team just experienced your first data breach, don’t panic. You have contingency plans in place for a reason, and now is the time to just into action.

Here are a few tips to keep in mind while your team works to secure your controls and fix any vulnerabilities that were exposed during the breach:

  • Mobilize and secure the impacted system or hardware immediately. As soon as your team is aware of an incident, it’s time to jump into action. Shut down any impacted systems, secure compromised hardware, and remove any threat of another attack.
  • Research the issue and identify where the problem occurred. When things are locked down, it’s time to identify where the issue occurred. Depending on the size and scope of the data breach, you may need to work with the forensics or contracting team to identify the threat.
  • Discuss the incident with your executive and legal teams. Next, you will need to notify the appropriate internal parties, including your executive and legal teams. Depending on the type of information compromised, you may have to deal with federal or state law implications.
  • Remove or reverse any information shared by the malicious threat during the attack. If your malicious attack includes wrongful posting, information sharing, or communication, go through and reverse the outreach. Remove any posts and wipe your websites of any wrongful content that was shared.
  • Identify and notify anyone with personal information or data impacted by the incident. Working directly with your legal team, you will also have to identify and notify those with information impacted during the breach. This could include customers, vendors, partners, or individuals. Additionally, if any PHI or health records were impacted, you will have to notify the FTC and other federal organizations. 
  • Prep and launch a public response to the incident. Once you are aware of the incident, you will want to mobilize your public response plan as soon as possible. It’s always better to be the first one to announce a data breach rather than have your customers or vendors come to you asking questions. Stay one step ahead by anticipating questions and sharing a detailed response with the public.  


Reducing the likelihood of future attacks

While planning your response for a data breach may feel counterproductive (after all, your security controls are in place to prevent these things from happening), having a contingency plan can help reduce the likelihood of attacks. By mapping out exactly how you will respond to a breach, your team can identify any potential gaps in your InfoSec strategy and proactively respond to these issues in advance of a malicious attack.

You can learn more about building a comprehensive risk management strategy here.

data breach vendor assessment security profile vendor security review data protection third party risk mgmt

About the author


The latest insights and updates on information security and third party risk management.

Hate security reviews?
Want FREE AirPods?*

Offer valid for any decision-maker/influencer in relation to your company’s third-party risk management strategy. Company size must exceed 100 employees. Exclusions apply. Limit 1 pair per company.