Saturday, March 28, 2009

Data Breach Handling Considerations

- Have data classification schemes and use them; know what data you have.
- Make sure that policies and procedures are actually followed.
- Secure the “essentials” first, then move on to “excellent” security practices.
- Secure partner connections. Many break-ins start with sub-sub-sub vendors.
- Create a data retention plan detailing how long to keep data.
- Have a plan to respond to data breaches: a breach incident response plan.
- Conduct mock incident testing, even if only desk testing.
- Put firewalls WITHIN the organization, between divisions.
- Stop the communication of sensitive data by establishing data zones.
- Monitor event logs.
- Don’t rely on standards.

All the big names whose customer data was stolen (the ones we heard about in the newspapers) were PCI compliant.
