Slideshow 12 questions to assess your data breach response capability

  • April 14 2016, 2:02am EDT
8 Images Total

A new Data Breach Response Guide from Experian, which offers breach recovery services, walks through a myriad of processes for putting together an enterprisewide plan to prepare for and respond to a breach, and then put the plan into motion when an incident occurs.

Areas covered include communicating to the C-Suite, creating a plan, practicing the plan, responding to a breach, auditing the plan, and a quiz with core questions to assess present preparedness. “If you answer NO more than once or twice, you and your team should immediately address the gaps to get fully prepared,” according to Experian.

Response Planning

Do you have an internal response team assembled? If you have a preparedness plan in place, have you updated, audited and tested your plan in the last 12 months?

Content Continues Below

Key Partners

Have you identified third-party vendors and signed contracts to engage in the case of a breach? Do you have a relationship with relevant state attorneys general to contact in the case of a breach and ensure you are following state guidelines?

Notification & Protection

Have you identified what your breach notification process would look like and have the proper contact lists for employees and patients in place to activate quickly? Have you evaluated identity theft protection services to offer to affected parties if you experience a data breach?

Security Planning

Have you taken inventory of the types of information you store that could be exposed during a data breach? Do you have the technologies and processes in place to conduct a thorough forensic investigation into a cyber security incident?

Content Continues Below


Have you developed a communications incident response plan including drafts of key media materials that will be useful during an incident (e.g., statements and Q&A)? Have you media-trained your spokespeople and executives specifically on security matters?

Training and Awareness

Have you conducted a data breach crisis table top exercise or simulation to test how effectively your company would manage a major incident in the last 12 months? Have you conducted employee training to apply security best practices in the last 12 months?

Learn More

The Experian breach response guide is available here.