
Data Breach – What now?

  • March 5, 2018
  • Andrea Smith
  • Feature

Data breaches used to be something we were scared of. Now they happen nearly daily. Their sheer number and far reach, from the neighborhood kindergarten to the city trash collection, baffle our minds every day.

And, as with many other things, the frequency and scope we are facing have also made us numb to the dangers and cost. What would have upset a nation a decade ago now barely registers as a blip. The new normal, then, is the scary state of being.

Breaches are also very expensive. You can use our Breach Cost Calculator to get an idea of how expensive they can be.

Also for edification, CSO Online just recently published the 17 biggest data breaches of the 21st century. You will find many a name you recognize on that list.

The Day-2 Problem

So the conclusion to draw here is that the question is not whether we will be breached, but when. Given that, we should ask a further question: “What can we do to better handle breaches when they occur?” After you have found the leak, plugged it, and collected all the information on impacted customers, what now? At XcooBee we have labeled this the Day-2 Problem.

Ideally you would have an incident response plan, but who really believes that our neighborhood kindergarten has or had one?

The Plan

Just for completeness, here is a good overall response to-do list:

  • Identify and document internal breach notification procedures
  • Configure incident identification systems
  • Review/Create incident response plan
  • Test incident response regularly
  • Work with IT to ensure that data is unintelligible in case of unauthorized access (
  • Buy good insurance and make sure it covers you

GDPR Specific Changes

Under the new EU GDPR guidelines you also have to notify your customers within 72 hours of discovering a breach, so the likes of Equifax cannot sit on that information and trade stock in anticipation of the stock price declining.

  • Data controllers must report breaches to their supervisory authorities as well.
  • In some cases, affected data subjects must be informed following specific GDPR provisions.
  • Data controllers must maintain an internal breach register.
  • Non-compliance can lead to high administrative fines.
  • As things stand, the specific breach notification regime for communications service providers, set out in Commission Regulation 611/2013 on the measures applicable to the notification of personal data breaches under Directive 2002/58/EC, still applies.

Managing the Breach Notification Cycle

According to IBM Security research (2017 Ponemon Cost of Data Breach Study), the US has the highest notification cost per breach incident. However, at XcooBee we are working actively to make this an easier and less expensive process. We are building tools to help you notify your users, handle their responses, notify authorities, and even automate remediation tasks for your users on our network.

Our goal is to give our users a way to execute their plans with the tools and services that make a bad situation just a bit more bearable. Tools that our neighborhood kindergarten can use.

Please keep checking our pages as we share more about our platform and its features.

 

 


© 2018 XcooBee LLC