One day you go into work and the nightmare has happened. The company has had a data breach. This scenario plays out, many times, each and every day, across all industry sectors. In 2019, cybercriminals were hard at work exposing 15.1 billion records during 7,098 data breaches.
When you walk into work and find out that a data breach has occurred, there are many considerations. One of these is when and how do you go about reporting a data breach.
What should a company do after a data breach?
You mean feel like you want to run around screaming when you hear about a data breach, but you shouldn’t. How to deal with a data breach should already be part of your security policy and the next steps set out as a guide to keeping your sanity under pressure.
Each organization will have its own set of guidelines on dealing with breached data, be that maliciously or accidentally exposed. But typical steps will involve:
Knowing what has been breached and how: This may take some time, but you need an understanding of the root cause of the breach and what data was exposed Clean-up operations: From the evidence