ICAEW.com works better with JavaScript enabled.

Preparing for the worst

There are many steps you can take to recover after suffering a data breach. Alan Calder explains the best courses of action.

Although sensible organisations can go a long way towards reducing the likelihood and impact of a data breach, no level of security can ever completely mitigate the risk of an incident. After all, data is only entirely secure when it is entirely inaccessible – even to its intended users. It’s therefore essential to have processes in place to ensure that if you do suffer a breach you are in the best possible position to handle it.

At a corporate level, many interested parties will need to be involved in this process, so it is essential to establish who is responsible for what by creating an incident management process.

A good approach is to follow the steps listed by the Information Commissioner’s Office (ICO), which you can remember with the mnemonic CANER: contain, assess, notify, evaluate and respond.

Find out more

Members

Full article only available to IT Faculty members and subscribers to Faculties Online.

Non-members

To read the complete article, join the IT faculty or subscribe to Faculties online.