{"id":155,"date":"2017-07-21T21:11:38","date_gmt":"2017-07-22T01:11:38","guid":{"rendered":"https:\/\/www.amp.legal\/blog\/?p=155"},"modified":"2019-01-04T16:31:53","modified_gmt":"2019-01-04T21:31:53","slug":"response-plan-for-a-data-breach","status":"publish","type":"post","link":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/","title":{"rendered":"Response Plan For A Data Breach"},"content":{"rendered":"

To rise above the aftermath of a data breach, a business needs to prepare\u00a0a contingency plan. Whether a company discovers a system intruder or becomes infected with malware, the damage must be minimized.<\/p>\n

An Incident Response Plan (IRP) should be in place to quickly rollout a recovery procedure. An IRP focuses\u00a0on actions to prepare and recover\u00a0from a breach. A manager developing an IRP should consider\u00a0five important objectives:<\/p>\n

    \n
  1. Preparation<\/strong>: Designate\u00a0responsibilities and establish procedures to handle an incident.<\/li>\n
  2. Detection<\/strong>: Identify an incident early and analyze the cause\u00a0of the incident.<\/li>\n
  3. Investigation<\/strong>: Apply resources to identify the intruder and mitigate any damage.<\/li>\n
  4. Restoration<\/strong>: Return operations to normal and reduce losses by containing the incident.<\/li>\n
  5. Resolution<\/strong>: Determine corrective actions and provide guidance to management.<\/li>\n<\/ol>\n

    \"\"Cyber Breach Aftermath<\/h3>\n

    Once the situation is under control and operations are returned to normal, the designated manager must immediately deal with the aftermath. First, the\u00a0manager\u00a0should report the intrusion to the police. Next, the manager should evaluate the damage and notify any insurance carriers. State officials may also need notification if required under state law.<\/p>\n

    If the intruder compromised any personal information, the victims will need to receive a breach notification letter. Many state breach laws<\/a> require reporting the breach to the credit bureaus depending on the number of victims. Finally, the company should offer victims theft prevention services as a courtesy, such as credit monitoring, identity protection, and access to a call center for assistance.<\/p>\n

    Every company should take extreme care with handling a data breach. Recovery may involve more than simply restoring\u00a0backups. As a business strategy, how\u00a0a company handles a breach will reflect on its branding and goodwill with the public. Importantly, if a breach happens, having an IRP in place could make the difference between crashing the\u00a0business or\u00a0sailing to a full recovery.<\/p>\n","protected":false},"excerpt":{"rendered":"

    To rise above the aftermath of a data breach, a business needs to prepare\u00a0a contingency plan. Whether a company discovers a system intruder or becomes infected with malware, the damage must be minimized. An Incident […]<\/p>\n","protected":false},"author":1,"featured_media":170,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[27],"tags":[30,31,25],"yoast_head":"\nResponse Plan For A Data Breach - Cyber Law Blog<\/title>\n<meta name=\"description\" content=\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Response Plan For A Data Breach - Cyber Law Blog\" \/>\n<meta property=\"og:description\" content=\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\" \/>\n<meta property=\"og:site_name\" content=\"Cyber Law Blog\" \/>\n<meta property=\"article:published_time\" content=\"2017-07-22T01:11:38+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-01-04T21:31:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/07\/skyballon.png\" \/>\n\t<meta property=\"og:image:width\" content=\"900\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\"},\"author\":{\"name\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f\"},\"headline\":\"Response Plan For A Data Breach\",\"datePublished\":\"2017-07-22T01:11:38+00:00\",\"dateModified\":\"2019-01-04T21:31:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\"},\"wordCount\":312,\"publisher\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\"},\"keywords\":[\"breach response\",\"business\",\"data breach\"],\"articleSection\":[\"Cyber Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\",\"url\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\",\"name\":\"Response Plan For A Data Breach - Cyber Law Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#website\"},\"datePublished\":\"2017-07-22T01:11:38+00:00\",\"dateModified\":\"2019-01-04T21:31:53+00:00\",\"description\":\"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.amp.legal\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Response Plan For A Data Breach\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#website\",\"url\":\"https:\/\/www.amp.legal\/blog\/\",\"name\":\"Cyber Law Blog\",\"description\":\"Exploring technology law in cyberspace\",\"publisher\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.amp.legal\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#organization\",\"name\":\"Alice M. Porch, P.A.\",\"url\":\"https:\/\/www.amp.legal\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png\",\"contentUrl\":\"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png\",\"width\":1104,\"height\":1114,\"caption\":\"Alice M. Porch, P.A.\"},\"image\":{\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f\",\"name\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g\",\"caption\":\"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+\"},\"description\":\"Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal\/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.\",\"sameAs\":[\"https:\/\/www.aliceporch.com\",\"https:\/\/www.linkedin.com\/in\/alice-m-porch\/\"],\"url\":\"https:\/\/www.amp.legal\/blog\/author\/amplegal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Response Plan For A Data Breach - Cyber Law Blog","description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/","og_locale":"en_US","og_type":"article","og_title":"Response Plan For A Data Breach - Cyber Law Blog","og_description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","og_url":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/","og_site_name":"Cyber Law Blog","article_published_time":"2017-07-22T01:11:38+00:00","article_modified_time":"2019-01-04T21:31:53+00:00","og_image":[{"width":900,"height":525,"url":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/07\/skyballon.png","type":"image\/png"}],"author":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/#article","isPartOf":{"@id":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/"},"author":{"name":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f"},"headline":"Response Plan For A Data Breach","datePublished":"2017-07-22T01:11:38+00:00","dateModified":"2019-01-04T21:31:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/"},"wordCount":312,"publisher":{"@id":"https:\/\/www.amp.legal\/blog\/#organization"},"keywords":["breach response","business","data breach"],"articleSection":["Cyber Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/","url":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/","name":"Response Plan For A Data Breach - Cyber Law Blog","isPartOf":{"@id":"https:\/\/www.amp.legal\/blog\/#website"},"datePublished":"2017-07-22T01:11:38+00:00","dateModified":"2019-01-04T21:31:53+00:00","description":"Cyber Law Blog explores legal topics with technology including privacy law and cybersecurity.","breadcrumb":{"@id":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.amp.legal\/blog\/response-plan-for-a-data-breach\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.amp.legal\/blog\/"},{"@type":"ListItem","position":2,"name":"Response Plan For A Data Breach"}]},{"@type":"WebSite","@id":"https:\/\/www.amp.legal\/blog\/#website","url":"https:\/\/www.amp.legal\/blog\/","name":"Cyber Law Blog","description":"Exploring technology law in cyberspace","publisher":{"@id":"https:\/\/www.amp.legal\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.amp.legal\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.amp.legal\/blog\/#organization","name":"Alice M. Porch, P.A.","url":"https:\/\/www.amp.legal\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png","contentUrl":"https:\/\/www.amp.legal\/blog\/wp-content\/uploads\/2017\/08\/AMP-Logo.png","width":1104,"height":1114,"caption":"Alice M. Porch, P.A."},"image":{"@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/2abed582dc9fbf067a8aa30d3e21453f","name":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.amp.legal\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b0913e4ef042f9c502b709824db43e8f?s=96&d=mm&r=g","caption":"Alice M. Porch, Esq., CIPP\/US, C|EH, Security+"},"description":"Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal\/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.","sameAs":["https:\/\/www.aliceporch.com","https:\/\/www.linkedin.com\/in\/alice-m-porch\/"],"url":"https:\/\/www.amp.legal\/blog\/author\/amplegal\/"}]}},"_links":{"self":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/155"}],"collection":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/comments?post=155"}],"version-history":[{"count":30,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/155\/revisions"}],"predecessor-version":[{"id":897,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/posts\/155\/revisions\/897"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/media\/170"}],"wp:attachment":[{"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/media?parent=155"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/categories?post=155"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.amp.legal\/blog\/wp-json\/wp\/v2\/tags?post=155"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}