Milwaukee, WI · Washington, DC · Boston, MA

  1. Crisis Mode
  2. Data Security Measures
    1. Preparing For The Inevitable
      1. Building a Data Breach Plan
        1. Planning for the Initial Response/Investigation
          1. Social Engineering
          2. Develop an Investigation Plan
          3. Involve Appropriate Company Resources
        2. Building a Notification Plan
          1. Understanding The Laws
            1. State Laws
          2. Who Must Be Notified?
          3. How Will Notifications Be Completed?
        3. Media Issues
          1. Media Plan
          2. Dealing With The Media
        4. Government Agency Issues
          1. Creating a Government Response Plan
          2. Dealing With Government Inquiries
          3. Developing Relationships
        5. Customer/Consumer Issues
          1. Customer Retention Plan
          2. Customer Response Plan
        6. Building Relationships with Vendors/Suppliers
      2. Implementing a Data Breach Plan
        1. Coordinating among Company Departments
        2. The Role of Legal Counsel
      3. Testing a Data Breach Plan
        1. Assessing the Plan
        2. Mock Exercises
        3. Alter/Update as Needed
      4. Assessing Your Data Breach Vulnerabilities
        1. Catalog Your Personal Information
        2. Developing a Company Training Process
        3. Understanding Privacy Promises
        4. Preparing for the Unexpected
        5. Assessments/Audits
        6. Establishing a Point of Responsibility
        7. The Role of Legal Counsel

Testing A Data Breach Plan

You have decided not to wait until your company is facing an actual data breach incident before you plan on appropriate responses. So you have built your Data Breach Plan, in which you have set-up appropriate response mechanisms. You also have implemented your plan to ensure that every person in your organization knows what to do if that data breach occurs. You think you're ready.

Now, once all of the parts are assembled, you must ensure that your Data Breach Plan will run smoothly and efficiently. The middle of a data breach incident is no time to discover that some individuals or groups are not able to implement their assigned tasks. Testing therefore is a vital part of any Data Breach Plan.

But how do you test the plan under real world conditions? Once a data breach occurs, you will have precious few days (or hours) to investigate and stop the breach from escalating. Every part of your organization must operate as planned.

There are ways to test your plan, however. The following links provide some suggestions to assist you in evaluating your Data Breach Plan:

1. Assessing the Plan
2. Mock Exercises (Testing in Real World Conditions)
3. Alter/Update as Needed