LEARN FROM A DATA BREACH
The following are key thoughts and actions Comsure walked a client through after a recent data breach
- Report data violations promptly in line with data protection laws and regulatory responsibilities
- there should be accountability and data security should be a priority.
- Implement controls and safeguards to mitigate the risks
- for example, by promoting a security culture, providing training, adopting extra precautions with databases, raising awareness of types of risks via refresher training, encouraging people to double-check recipients' email addresses, and so on.
- Don't be complacent
- ICO statistics show charity data breaches doubled in 2017/2018 with 148 reported incidents. 22% of charities also experienced a cyber breach in the last 12 months, according the government's Cyber Security Breaches Survey 2019, with 39% experiencing at least one breach or attack a month.
- Remember, small actions can have big consequences
- simple human error can result in personal data being exposed. Think about the best ways of preventing that.
- Create the right culture - make it clear to your team that any security breach (however minor) matters.
- Customers have entrusted us with their personal information so we must instil confidence and reassure them that we're doing our utmost to safeguard it.
- Slow down
- rushing and performing semi-automated activities (eg mail mergers, automated report processing) can make us more prone to mistakes. Stop and check exactly what is being sent and to whom.