Milwaukee, WI · Washington, DC · Boston, MA

  1. Crisis Mode
  2. Data Security Measures
    1. Preparing For The Inevitable
      1. Building a Data Breach Plan
        1. Planning for the Initial Response/Investigation
          1. Social Engineering
          2. Develop an Investigation Plan
          3. Involve Appropriate Company Resources
        2. Building a Notification Plan
          1. Understanding The Laws
            1. State Laws
          2. Who Must Be Notified?
          3. How Will Notifications Be Completed?
        3. Media Issues
          1. Media Plan
          2. Dealing With The Media
        4. Government Agency Issues
          1. Creating a Government Response Plan
          2. Dealing With Government Inquiries
          3. Developing Relationships
        5. Customer/Consumer Issues
          1. Customer Retention Plan
          2. Customer Response Plan
        6. Building Relationships with Vendors/Suppliers
      2. Implementing a Data Breach Plan
        1. Coordinating among Company Departments
        2. The Role of Legal Counsel
      3. Testing a Data Breach Plan
        1. Assessing the Plan
        2. Mock Exercises
        3. Alter/Update as Needed
      4. Assessing Your Data Breach Vulnerabilities
        1. Catalog Your Personal Information
        2. Developing a Company Training Process
        3. Understanding Privacy Promises
        4. Preparing for the Unexpected
        5. Assessments/Audits
        6. Establishing a Point of Responsibility
        7. The Role of Legal Counsel

Develop an Investigation Plan

An Investigation Plan is an essential tool in your data breach protection kit. It provides the structure around which you will conduct the investigation and remediation of any data breach incident. The plan must be flexible to respond to the various types of data breaches that can occur, yet specific enough to account for the individual systems and data maintained by your organization.

There are a variety of considerations that must be analyzed when constructing the Investigation Plan, which are themselves dependent upon the organizational structure of your company and the type of data breach incident that you may be facing. Is this a hacking incident? Lost or stolen laptop? Caused by Employee misuse? In many respects the type of breach will dictate the manner of response.

For example, a hacking incident will immediately require computer forensics work to determine the type of attack, how it occurred, and how it can be prevented in the future. In addition, the extent of the damage, that is, the individuals affected by the breach and the type of information improperly accessed, must be identified.

While the computer techs are busy tracking down and plugging security holes, customer service representatives must be educated as to the type of incident, the planned response, the numbers affected, and the timeline of notification and remediation efforts.

Legal counsel, of course, supports and facilitates these efforts. A crucial aspect of this assistance involves ensuring that evidence of the incident and remediation is collected in a method that is forensically valid and legally sufficient. You must ensure that any evidence collected will be admissible should the matter ever be litigated (either against the person who committed the crime or in defense of a lawsuit brought by irate consumers).

An Investigation Plan is a vital weapon in the never-ending war on hackers and other computer security threats. Implementing proactive measures today will provide a smoother and more structured response to data breach incidents in the future.