Immediate Steps to Take in the Wake of a Data Breach

The first reaction many have when they learn about a data breach is to jump in and take immediate action. And, most definitely, action will need to be taken. But, one of your most important next steps following a data breach is to hit “pause” and evaluate the situation.


It is every business owner’s nightmare: finding out your company’s data has been compromised. And, in that initial wave of emotion, it can be easy to make missteps that could cost you in the long run. Here are some best practices when considering what actions you will need to take following a data breach:

  • Do you have cyber insurance? If you do, this should be one of the first calls you make. You will want to be sure to preserve any needed evidence of the breach for your claim. In addition, many times this insurance coverage will provide you with resources to notify affected customers, recovering compromised data, legal guidance on the necessary reporting procedures and more.
  • Determining who will be in charge. This needs to happen before a breach happens and needs to be documented in an incident response plan. This plan will help you identify needed actions, develop responses and communicate with impacted audiences in an open and timely fashion.
  • Quickly isolate impacted equipment. Think of a data breach in the same way you would respond to being bitten by a poisonous snake. You need to stop the venom from spreading, which could mean taking computers or servers offline.
  • Call in your team of network security experts to assess the breach. You need to identify the source of the breach and contain the damage. If you don’t have the needed expertise on your IT team, you will need to reach out to a qualified forensic team to determine point of entry and how far the attack has gone while on your network.
  • After the dust settles, take the time to debrief. Do any policies, procedures or technology need to be put in place to better protect you from this type of incident from happening in the future? Do any improvements need to be made to your incident response plan to better position you for future events?

Dealing with a data breach is a difficult and delicate situation. A proper first response is critical in reducing your losses and potential liability. At BerganKDV, our technology team is here to help you get an idea of the health of your organization’s information security. Start here. Want to receive more technology updates like this? Subscribe now.

CATEGORIES: Tech & Innovation
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments

Assess Your Company’s Tech Risk

Is your organization's data protected?