A Guide for Businesses After Experiencing a Cyber Breach

February 07, 2022

In the digital age, many aspects of our daily lives now happen online. This includes communications, purchases, and work — all of which entail the online transmission of sensitive personal information. It’s no surprise, then, that criminals have become savvy to the wealth of information that can be accessed and exploited through cyber attacks. If your company has been one of the more than 1,000 targets per year that sustain a security breach, you need to know what to do. What steps should companies take if a data breach has occurred within their organization? Read on to learn the answer to this question and how cyber security insurance can mitigate your company’s exposures.

Repair Your Vulnerabilities

What are the five steps to handling a data breach, and where should a compromised company start when facing a leak? The very first step should be repairing the vulnerabilities that allowed the attack to occur in the first place. If the attack occurred due to a widely circulated phishing email, for example, the first course of action should be eliminating the email from all company inboxes. If the attack was caused by a compromised security certificate, the certificate should be updated and reinstated immediately.

Assemble a Response Team

Once the initial vulnerability has been identified and rectified, your company should assemble a response team to further handle and mitigate the crisis. This response team should include your company’s security experts, IT personnel, and customer service specialists. Together, these staff members should devise a plan for communicating with any affected clients, preventing any further attacks from occurring in the future, and handling the damage that will occur in the immediate aftermath of the breach. An official set of guidelines should be established by this breach response team.

Get Advice From Your Lawyers

Unfortunately, a security breach is likely to escalate into a legal issue — especially if the breach affected sensitive personal information from your company’s clients. In order to get ahead of this development and implement a plan, you should consult with your company’s legal representation as soon as possible. In some cases, your cyber security insurance policy issuer may appoint lawyers to provide specialized counsel. Regardless of whether you consult your own attorneys or an appointed counsel, you should be honest about the extent of the breach.

Contain Any Information Leaks

A cyber security breach may result in the publication of personal information online. This might include publication on your own company website or on other sites on the web. You should first verify that your own website does not contain any sensitive leaked data, and then you should search the web to find any other sites that may have published the information. If you happen to find leaked information inappropriately posted online, contact the administrator and formally request removal.

About Brooks, Todd & McNeil

Since 1839, the independent agents at Brooks, Todd & McNeil have been pleased to offer our community the best and most affordable policies from a variety of providers. Our dedicated facilitators are ready to put their 75 years of combined experience to work on your claims. To learn more about our products and services, contact us today at (800) 448-4567.