How to Respond to a Data Breach

By Joe Keenan

What to Do
Einstein offered multiple tips for retailers to mitigate the impact to their business from a data breach:

Adopt a WISP - written information security program. This can reduce your potential exposure to a breach by up to 25 percent, Einstein said.
Encrypt data that's transmitted.
Ensure that all of the third-party vendors that you work with comply with your company's data security standards. Einstein noted that in most retail data breaches a third party is responsible for the compromised data, not the retailer itself.
Spell out who is on the data security/breach response team. Legal counsel should always part of the team.
Have form documents ready to go in the event of a breach rather than having to write them from scratch.
Draft a PCI security incident response plan. This is good to have, but don't rely on this solely, Einstein cautioned.
Investigate purchasing cybersecurity insurance. Be sure to find out the specific cost coverage you'll receive - e.g., will investigative and notification costs be covered - as well as what the exclusions are. And of course you'll want to find out the cost of the premium.

« Previous 1 2 3 4 5 All

0 Comments

View Comments

People:
Martin Einstein

Joe Keenan Author's page Joe Keenan is the executive editor of Total Retail. Joe has more than 10 years experience covering the retail industry, and enjoys profiling innovative companies and people in the space.