Michael Overly makes a very good suggestion for breach notification policies on the CSO Security blog. Michael notes that, although organizations are implementing policies on how to deal with a data breach once it’s known, those policies do not encompass the steps that would quickly notify them of said breach.

Before the response team can be put together, before documentation is completed, before the press and consumers are contacted, there is a gap between “finding the breach” and “reporting the breach.”

Michael suggests simple instructions for all employees to understand what a security breach looks like (from a lost USB key to unusual workstation activity), to accept responsibility to report it, and how to report it. It is important that the right people are notified as soon as possible, but this part of many security policies is currently weak.

Many companies face harsh public scrutiny if the breach is not reported promptly (not to mention legal consequences). Improving the breach notification process can help minimize any potential damages.

Tags: data breach, data breach policy, breach notification policy, security policy, it security, breach, breach reporting