News

LEARN FROM A DATA BREACH

26/09/2019

The following are key thoughts and actions Comsure walked a client through after a recent data breach

  1. Report data violations promptly in line with data protection laws and regulatory responsibilities 
    1. there should be accountability and data security should be a priority.
  2. Implement controls and safeguards to mitigate the risks 
    1. for example, by promoting a security culture, providing training, adopting extra precautions with databases, raising awareness of types of risks via refresher training, encouraging people to double-check recipients' email addresses, and so on.
  3. Don't be complacent 
    1. ICO statistics show charity data breaches doubled in 2017/2018 with 148 reported incidents. 22% of charities also experienced a cyber breach in the last 12 months, according the government's Cyber Security Breaches Survey 2019, with 39% experiencing at least one breach or attack a month.
  4. Remember, small actions can have big consequences 
    1. simple human error can result in personal data being exposed. Think about the best ways of preventing that.
  5. Create the right culture - make it clear to your team that any security breach (however minor) matters.
    1. Customers have entrusted us with their personal information so we must instil confidence and reassure them that we're doing our utmost to safeguard it.
  6. Slow down  
    1. rushing and performing semi-automated activities (eg mail mergers, automated report processing) can make us more prone to mistakes. Stop and check exactly what is being sent and to whom.