By Melanie Oldham, Bob’s Business
Founder and CEO of Bob’s Business, Melanie Oldham, who has over 10 years of experience within Infosec, spoke at DigitalU about information security and how it is a people problem, with security breaches being caused by human error.
No matter the scenario, teamwork is key. By working together with the people in your organisation you can minimise the risk of a security breach and effectively handle the impact of such an event.
With the General Data Protection Regulation (GDPR) coming into effect on 25th May 2018, now more than ever, you need to make sure that your staff have cybersecurity and compliance at the forefront of almost everything they do.
As well as tighter regulations on how you handle personal data, GDPR also presents a number of opportunities for organisations and stakeholders to benefit from compliance, such as:
- Improved internal processes
- Increased resilience
- Assurance for all
- Reputational confidence
- Sales & marketing
- Avoidance of fines
- Build trust, transparency
To limit the damage from a security breach, here are 5 tips from Melanie on the best ways to react:
Speed is essential in the event of a security breach! The best way to make sure that you’re ahead of the game is to prepare by creating a safe zone for employees so they can plan and rehearse in the event of a security breach.
Don’t wait to go public
Make sure your customers hear of any breaches from you first. In the absence of information and reassurance, people tend to overthink. Don’t worry about having all the answers straight away; this is about creating an image of transparency and reliable communication within your company.
Have a crisis communication plan
Having a solid and detailed crisis communication plan in place will let you react quickly to any cyber security situation. Your plan should take into account what you plan to do and what you plan to say in your approach to your employees, customers and the media. The plan should also include any legal obligations that you may have, such as needing to inform the Information Commissioner’s Office.
Manage the media
This tip is crucial so that you can control the narrative of the situation. In order to avoid your organisation sending out mixed messages, you should allocate one staff member to be your official spokesperson who handles all inbound communication.
Forging good, strong relationships with key press contacts will give you a direct line of communication with those you most want to get your message out to, and will also prevent other people from defining your response.
Consistent line of communication
Make sure you’re putting out frequent, clear and informative updates of the situation.
Every one of your responses should be all hands on deck. To maintain a positive image in the situation, you should make your intentions clear and come up with solutions rapidly.
Don’t pass the blame in your message; own up to the mistake. Your customers and the media will see right through any attempt to shift the blame, and you’ll risk tipping the scales out of your favour.
A little more about Melanie
Melanie Oldham is the founder and driving force behind Bob’s Business, an award-winning and leading cyber security awareness training and phishing simulations provider. Melanie has racked up over 10 years’ experience in the cyber security sector and has become a recognised and well-respected force within the industry. Bob’s Business delivers awareness campaigns to organisations of all shapes and sizes, from 10 users right up to 70,000 users. Last year, Bob’s Business educated 500,000 users. Melanie is also the founder and chair of the Yorkshire Cyber Security Cluster, a collaborative group that aims to reduce cyber security within the region, enabling business growth by embedding cyber security foundations using a collaborative approach.
You can follow Bob’s Business on Twitter here https://twitter.com/BobsBusinessUK/