Become data breach ready

//Become data breach ready

Are you ready to handle a data breach? It’s important to be fully prepared to take immediate action when a data breach happens. Your response should be quick, comprehensive, and effective. We can help you get ready to respond to a data breach correctly with our Information Security Compliance Programme.

Why is it important to be ready for a data breach?

Information has value. It’s worth something to you and your customers – which is why you take steps to secure it. But, it’s also valuable to malicious hackers, fraudsters, and other criminals. They’ll stop at nothing to get their hands on your precious information and exploit it for their own ends. Any successful organisation that processes significant amounts of personal information is a target. Whether its social engineering, code injection, or malware – sooner of later, your organisation will suffer a data beach. Will you be ready? It’s important to be fully prepared to take immediate action when someone gains unauthorised access to your data. If you aren’t, the investigations could cripple your business, the loss of customer confidence could ruin your reputation, and legal fallout could cost you dearly – in both time and money.

Data breaches are happening more and more frequently with the media reporting new incidents of unauthorised access to personal information every other day. Your organisation may be next. Will you be ready when it happens?

How should you be ready to respond to a data breach?

Data protection laws generally require you to:

  • report any data breach to the authorities and the people whose personal information was exposed in the breach
  • investigate the facts of the breach yourself
  • cooperate with the authorities in their investigation of your organisation
  • document the effects of the breach
  • take remedial action to mitigate the effects of the breach

You need to do all these things as soon as reasonably possible in the circumstances (some authorities require you to report the breach within 72 hours). The authorities also typically have wide powers of search and seizure and can often come onto your premises, image your hard drives, and interrogate your staff to get to the bottom of the data breach – which can put your business into shock and prevent you from carrying out the activities that make you money,

So, your response needs to be:

  • quick – you have no time to lose, the longer you take to act on a data breach the more damage can be done and the authorities may take exception if you take too long to report it
  • comprehensive – you have to address all the concerns caused by the data breach and will likely have to respond to your customers, the media, and the authorities (if you respond to the authorities with sufficient clarity, they may decide not to investigate your organisation)
  • effective – you must respond appropriately to the breach depending on its severity and successfully deal with the consequences

What can help you get ready for a data breach ?

We can help you prepare to respond quickly, comprehensively, and effectively with our Information Security Compliance Programme. It’s a four week online course with related tools to help your organisation comply with information security law. If you join it, you’ll be able to:

  • participate in a live webinar each Tuesday at 10h00 during February 2018
  • review the course notes and videos of each webinar in a special members area of our website
  • and download information security tools including our list of action items, information security policy, and incident response policy

The first three weeks of the course aim to prevent you from ever having a data breach. But, if you do – the last module ties it all together and gets you ready to respond with speed, in a comprehensive way and effectively. We’re offering an introductory price of only R9 927 incl. VAT if you sign up and pay before 30 November 2017.

Don’t get caught unawares – enquire now.

By | 2017-11-17T07:31:26+00:00 November 14th, 2017|Categories: Information Security Law|