A data breach is the release of private, confidential or secure information to an untrusted environment. Data breaches can be intentional and unintentional and vary in severity. One of the first steps when developing a data breach response plan is defining what your organization considers a breach. Your recovery teams will need to take action to mitigate the impact of the breach as much as possible. This ensures that the breach does not spread and all data is secured.
You will need to decide what level of severity will set your plan in action. A small breach (such as exposed information as a result of a phishing email) may not need a full-blown response. Attacks that cause a more serious disruption can also happen. These breaches may include widespread theft or exposure of sensitive information.
If a data breach happens at your organization it’s important to have a plan set in place ahead of time to contain the situation. A data breach response plan provides your business with a detailed set of instructions to follow in the event of a security breach. Put all affected machines, devices and systems on lockdown. Change any passwords or encryption keys immediately. As always, only use a trusted source and store this information securely.