There are many steps you can take to recover after suffering a data breach. Alan Calder explains the best courses of action.
Although sensible organisations can go a long way towards reducing the likelihood and impact of a data breach, no level of security can ever completely mitigate the risk of an incident. After all, data is only entirely secure when it is entirely inaccessible – even to its intended users. It’s therefore essential to have processes in place to ensure that, if you do suffer a breach, you are in the best possible position to handle it.
At a corporate level, many interested parties will need to be involved in this process, so it is essential to establish who is responsible for what by creating an incident management process.
A good approach is to follow the steps listed by the Information Commissioner’s Office (ICO), which you can remember with the mnemonic CANER: contain, assess, notify, evaluate and respond.