Data Breach Response Guide
Preparation Is The Best Defence

With 267 million records being exposed in data breaches in 2012, experiencing a breach may be inevitable, but the bank-breaking costs often associated with them doesn’t have to be. In fact, a Ponemon study reveals that organizations can greatly reduce the cost of a data breach by having an incident response plan, a strong IT security posture and a Chief Information Security Officer.

That’s why this Response Guide is a vital tool that can be used in defense against data breaches.

Inside, you’ll learn why it’s important to have an incident response plan, how to create one and what to do during the first 24 hours of a breach. 

We’ll explain what you need to know about notifying your customers, patients or employees. The guide also has the latest information on the HIPAA Omnibus Rule and upcoming federal legislation on breach notification laws. After you create your response plan, it’s important to test and update it. Recommendations for updating your plan are included in this publication, along with some helpful resources.

So please, take a little time to review this guide, and if you don’t have an incident response plan, use this to help create one. It could mean the difference between a breach that causes a brief disruption and one that causes a major meltdown.

Cyber Risk Series:  Beazley Underwriter says a breach alone is not a disaster, but mishandling it is.


Stan Stahl, President of Citadel Information Group, sits with Serene Davis, an Underwriter with Beazley, to discuss cyber breaches and what companies can do to protect themselves from a major loss.


Ms. Davis believes there are more breaches happening because there “was a time when storing customer records was… a cost of doing business.  Now information is valuable. Companies hold on to this information and mine it for data they can be used for analytics, and can sell it to third parties.” Companies are also going online with data as records are becoming digital. Records are being aggregated and stored in one place making it easier for someone to find.   Another reason more breaches are being reported is that companies are legally required to do so.


20-30% of all cybercrime hits small businesses, and 60% of all those businesses go out of business within 6 months after a cyber breach.  According to Ms. Davis, companies need to be proactive.  They need a breach plan in place and should purchase a cyber liability policy that will allow them to “successfully manage the breach. A breach alone is not a disaster, but mishandling it is".


For more information on cyber risk, visit the Worldwide Facilities website or On Demand Library.

Is Your Company Ready For a Big Data Breach?

The latest study from the Ponemon Institute, sponsored by Experian® Data Breach Resolution

How prepared is your company for a material data breach involving the loss or theft of more than 1,000 records containing sensitive or confidential business information? How would you grade the incident response plans in place that would reduce such negative consequences as the loss of reputation, customer loyalty and regulatory fines?

In a new study sponsored by Experian® Data Breach Resolution, Ponemon Institute surveyed a representative sample of privacy and compliance leaders in various-sized organizations in the United States on the following topics:

  • Expectations that their organizations will experience a material data breach resulting in loss
  • of customer trust, regulatory fines, loss of customer and negative public opinion
  • Data security practices in place to avoid a material data breach
  • The existence of a quality data breach preparedness plan
Read More:

How To Manage a Data Breach





 Data Breach Response Guide
 By Experian® Data Breach Resolution 2013-2014 Edition





Download The Report

Data Breach Response Guide 

By Experian Data Breach Resolution 2014-2015 Edition




Experian Data Breach Response Planning

Risks & Costs associated with a Data Breach