Data and privacy

Infographic: Five vital steps to deal with a data breach

Despite everything we do to prevent them, data breaches happen to the best of us. If it happens, check you’ve done these five things.

Share article

Things can be frantic when you’re dealing with a data breach. While swiftly diagnosing the problem and communicating clearly with everyone who needs to know, it’s easy to miss something that could have serious consequences later. Use these five pointers to make sure you’ve done the right thing after a data breach.

1.  Assess the situation

First, assess the data breach’s risk to customers. Risk assessment lets you decide the next steps, including whether to report the breach. If it’s a high risk to customers, you must inform them without undue delay, perhaps even before reporting to authorities.

2.  Be transparent and helpful

Don’t try to cover up the breach or hide details from those affected. If you hide things, you may see customers losing trust in your business on top of negative news coverage. When you tell customers what happened, give them advice on what to do next.

3.  Document everything

Document every data breach, even if you don’t have to report it. Record what happened, the steps you took and why the breach was reported or not reported.

4.  Learn from it

Once you identify the cause, fix it. Next, make sure all staff receive training in how to prevent future breaches. Human error causes most data breaches.

5.  Make sure you notify everyone affected

If you’re processing data for other organizations, don’t forget to tell them about the breach. They will have steps they must take too.

Using these five pointers after a data breach will help your business get back on its feet sooner rather than later. Communicating swiftly and clearly with customers and partners is all-important in limiting the breach’s impact on your business. It may happen to even the most cybersecurity-conscious organizations, but there’s still a lot you can do to prepare. Equipping your employees with cybersecurity skills and knowledge is crucial to ensuring your customers’ data stays safe in future.

Kaspersky Incident Communications

Give your corporate communications team the skills to operate at their best during a cyberattack.

About authors

Kira Rakova is Communications Manager at Undatify. She is passionate about using social media for social good, mental health and empowering people to make meaningful choices about their digital lives.