Get a free quote
For More Information: (800) 731-1909
Posted Sep 30th, 2015

You’ve Got a Data Breach Response Plan. Now What?

The Experian Data Breach Resolution has released its annual 2015-2016 data breach response guide. New content focuses on ways that organizations can take their plans to the next level. While many businesses have developed solid data breach response plans, a study by Ponemon Institute found that most organizations have not discussed or practiced their plans enough. According to the Experian news release, which can be found here, 41% of surveyed executives said that they do not have time scheduled to review or update their plan, and 37% have not reviewed their plan since it was put into place.

“A response plan in a binder does not really prepare a company for handling a breach,” said Michael Bruemmer, vice president at Experian Data Breach Resolution. “Organizations need to develop what if’ scenarios that require a plan ‘B‘ and ’C‘. This is important because a breach may be intended to damage a company’s reputation, for extortion purposes or to compromise customers’ reputations. How should unique circumstances be managed? It should all be part of the plan.”

The complimentary Guide can be downloaded at

Some of the Guide’s new content includes more step-by-step instructions, checklists and a preparedness quiz. Organizations that have not developed a plan yet will find the guide also offers content addressing the notification process, how to select external vendors and the public relations component of a breach response.

For additional data breach resources, including Webinars, white papers and videos, visit Read the Experian Data Breach Resolution blog at”

76 percent

What can your organization do to protect itself from the risks and high costs associated with data breaches? Obviously, no company or government agency is completely immune to a potential data breach, but there are some important steps to take to minimize risk:

  • Encrypt sensitive data
  • At IT assets’ end-of-life, shred hard drives and other data-containing equipment such as smart phones
  • Have a well thought out incidence response plan in place
  • Update the plan regularly
  • Discuss the plan thoroughly and be sure that it includes “what if” scenarios
  • Use scanning technology to monitor your network for vulnerabilities
  • Provide periodic security awareness training for employees


Comments are closed