Developing a Data Breach Incident Response Plan

Developing a Data Breach Incident Response Plan

Get Breach Ready with the Help of a Cyber Incident Respond Plan 

Cyber breaches are a very real threat for every business, no matter what the size, location or industry. These days, it’s not a matter of if, it’s a matter of when. Because of our reliance on digital technology, storage, and communications, hackers are getting smarter at stealing vulnerable data. Having a solid data breach response plan in place can make the threat of a security breach less intimidating. A data breach response plan is a course of action intended to reduce the risk of unauthorized data access and to mitigate the damage caused if a breach does occur. Alongside reliable business insurance in Wellesley, MA, a cyber incident response plan can help protect your business.

Planning Ahead

  • Establish a response framework. An effective incident response plan contains a framework for action where key decisions are made ahead of time and don’t have to be made last minute and under pressure.
  • Contact an IT firm. Set up a contract with an IT firm who will assist with setting up firewalls and other security measures for your business.
  • Inform all personnel. The information should be shared with all personnel, including employees and contractors. It can also be part of new hire orientation and routine employee awareness activities.

Steps to Take if a Breach Occurs

  • Determine what was stolen to understand what kind of information was lost in the data breach.
  • Change all affected passwords to prevent further damage. Ask employees to change their passwords and PINs, too.
  • Investigate the breach. Your response team should also continue to monitor the status of the breach.
  • Reach out to all relevant parties. It’s wise to notify your local police. If the theft included Social Security numbers, then major credit bureaus can be of assistance.
  • Identify and secure all affected data, machines, devices, and systems. Isolate and preserve the compromised data. Your network should also be cleaned of malicious code.
  • If your customers’, vendors’ or clients’ information was exposed, be sure to alert the affected individuals. Your public affairs staff should work with legal counsel to word the notification in a straightforward and honest manner.
  • Learn from the breach. Your company should hold a meeting after the recovery phase to refine your data security program and breach response strategy.

Although you cannot completely prevent a data breach from affecting your business, the steps you can take today are critical to how you can recover after a breach. Ignorance isn’t bliss when it comes to cybersecurity. Mitigating digital risks can help you and your business to stay safe. To discuss the cyber insurance options that are available for your business please contact CAV Insurance, serving Wellesley and Newton.


For a cyber liability insurance premium indication, please complete and return this form to us.

CAV Cyber App