LS Response – a tactical approach to handling privacy and cyber security incidents
Privacy and cyber security incidents come in many different forms. Attacks by hackers using technical expertise are usually the first thing that comes to mind. They are the stuff of headlines and film plots. But some of the biggest threats are more mundane and come from within. Think disgruntled or rogue employees. People are also prone to carelessness. Simple human error, such as a misdirected email or misplaced laptop, has the potential to cause just as much damage as an exploit by a hacker. As does a system glitch.
Whatever the cause, in a connected, always-on world, threats are constant and come from every direction. A recent government survey found that nearly half of UK businesses suffered a ‘data breach’ in 2016 – and that’s just the ones those businesses know about or are prepared to tell outsiders. Mandatory breach reporting, which comes into effect from May 2018, will only increase public awareness of incidents suffered by organisations, as well as any shortcomings. With each incident that makes headlines, another organisation draws fire, harming its brand and reputation, not to mention its bottom line.
Organisations can also reap the commercial benefits of preparation in training and educating staff, and creating appropriate policies and procedures, ready to be put into effect if the worst does happen.
And at any time. Whilst you can’t control when a privacy incident might take place, you can plan how you will respond to it. Planning reduces the impact of an incident, and helps prevent it from spiralling into a disaster. Ultimately, planning saves money: research shows that it reduces the costs associated with an incident, including in loss of business. In some cases, it can save a business from ruin.
The ‘it won’t happen to us’ approach or leaving incident response to IT colleagues are no longer risk mitigation strategies that pass muster or that align with statutory obligations. Measures to be introduced from May 2018, such as fines of up to €20 million or 4% of global turnover, put that beyond doubt and are designed to make data privacy a board-level issue.
We’re in it together
Responding to a privacy incident quickly and efficiently requires drawing on specialist skills which you won’t necessary have within your organisation. Dealing with an incident is stressful enough without having to identify, instruct and liaise with various external advisors. That’s why we’ve assembled a team of experts in fields such as IT, security, insurance and public relations, and keep them on standby to help when needed. Together, but with Lewis Silkin as your single point of contact, we cover all the angles and provide a seamless solution. So let us do the heavy lifting.
LS Response is an end to end solution to guide you through the before, during and after of a privacy or cyber security incident.
Download our LS Response Inbrief here.
Download our LS Response checklist here.