ICAEW.com works better with JavaScript enabled.

Preparing for the worst

There are many steps you can take to recover after suffering a data breach. Alan Calder explains the best courses of action.

Although sensible organisations can go a long way towards reducing the likelihood and impact of a data breach, no level of security can ever completely mitigate the risk of an incident. After all, data is only entirely secure when it is entirely inaccessible – even to its intended users. It’s therefore essential to have processes in place to ensure that if you do suffer a breach you are in the best possible position to handle it.

At a corporate level, many interested parties will need to be involved in this process, so it is essential to establish who is responsible for what by creating an incident management process.

A good approach is to follow the steps listed by the Information Commissioner’s Office (ICO), which you can remember with the mnemonic CANER: contain, assess, notify, evaluate and respond.

Find out more


Full article only available to IT Faculty members and subscribers to Faculties Online.


To read the complete article, join the IT faculty or subscribe to Faculties online.