
Law@Work

First things first: What to do when a potential breach has been discovered

Just as you are going to find water before you find the leaking pipe, a business is going to discover evidence that suggests there has been a breach before it discovers that its data has been breached. This is a critical time frame to “shut off the valve” because the decisions a business makes while the breach is being investigated will shape the risks, liability, and costs the business will face in the event the breach is confirmed. Businesses that fail to take the appropriate steps upon discovery of a breach only exacerbate the damages and create additional avenues of potential liability. Now that you know that, how are you going to know how to react unless you have a plan in place first? The answer is that you are not going to know how to react and, short of blind luck, you are going to make the problem worse. Plan now so you don’t regret it later.

If there is any suggestion that your data has been compromised, take steps to secure ALL of your data. Depending on how it is configured, this may mean moving data or employing a host of increasingly sophisticated ways to lock it down. If you cannot immediately identify the source of the alleged breach, just shut it down, or at least shut down as much as you can and as much as seems reasonable.

Are you really saying I should “stop the presses” when I cannot even be sure if there’s been a breach? You bet I am, at least, sometimes. For some businesses, the reputational and legal risks of exposing additional data outweigh the costs of a temporary shutdown. According to the 2014 Cost of Data Breach Study: Global Analysis, sponsored by IBM, the average cost to a company to investigate, notify customers/employees, and respond to a data breach was $3.5 million, and that figure is rising every year in most countries. The extent of a business’s loss often turns on when the business “knew or should have known” of a breach and what it did from that point forward. The key point is: you need to be sure you know of a breach at the time that the law says you should have known.

This does not mean you have to sound the alarm bell before you know or should have known of a breach. Businesses have a right, and a duty, to investigate circumstances that suggest their data has been exposed before the duty to serve notice arises, BUT the savvy business can mitigate risks and liability by, at least, closing suspect valves while it looks for the leak.
