A Collection is a selection of features, articles, comments and opinions on any given theme or topic. It allows you to stay up‑to‑date with what interests you most.
Login here to access your saved articles and followed authors.
We have sent you an email so you can reset your password.
Sorry, we had a problem.
Tags related to this article
Published 25 September 2018
International law firm DAC Beachcroft has today (25 September 2018) launched an online Breach Response Planner to enable organisations to prepare for and manage cyber and data breach incidents.
Accessed via an online portal, the new Breach Response Planner guides users through a five step process to identify internal and external incident response teams, establish response protocols and build a comprehensive breach response plan. A complete plan is included for those who want an off the shelf solution, and may be customised for those that want something more bespoke.
Hans Allnutt, head of cyber and data risk at DAC Beachcroft, explains: "European data protection regulators recommend that organisations that handle personal data should have a plan in place to respond to security breaches. Our Breach Response Planner helps create that plan. If that organisation then suffers a data breach, all their key stakeholders have immediate access, via the online portal, to the information they need, so that they can respond in a focused, swift and measured manner."
The five step process starts with users designating their organisation's internal breach team, followed by those of their external advisors such as legal counsel, IT forensic investigators and communications experts. Users can then add the protocols they will follow when responding to the breach, such as the key objectives and the frameworks for classifying the severity of an incident. Once protocols are set, users can then determine their plan as to how they will: detect, triage and contain the breach, assess the measures that need to be taken and notify affected parties.
The Breach Response Planner includes links to additional supportive material such as a breach severity risk matrix to assess and categorise a breach, a breach incident log, a breach checklist, useful breach scenario case studies, and a summary of the guidance for reporting a breach under the GDPR.
"Any changes to the plan are made in real time, so it is always up-to-date," Allnutt adds. "Hosting it on an external server means it can be accessed any time, from anywhere and on any device. This is particularly useful should a firm experience a breach."
For more details on the Breach Response Planner, you can contact us by email at firstname.lastname@example.org