A data breach is a business emergency that has to be managed quickly and effectively to mitigate losses and stay on the right side of compliance. When such an event happens, many organizations call in a data breach coach: the “first responder” who leads the response and recovery.
Typically, a data breach coach is a lawyer who specializes in cyber security and privacy law. Acting as a project manager, they guide an organization on the best course of action, with help from a team they assemble from a variety of disciplines. The team can include experts from IT, forensics, legal, regulatory and communications, all of whom may be needed to help manage the breach.1
Why work with a data breach coach? As in many other crisis-management situations, your in-house staff may not have the expertise to handle a data breach, or you may want to keep your key staff focused on their regular responsibilities.
Having a legal expert take the lead is beneficial, as they understand laws regarding notification requirements and have experience working with regulators on issues like fines and penalties. One legal expert also noted that as lawyers, data breach coaches are able to guard your information with solicitor-client privilege, which can add an extra layer of protection and security to your communications.2
There are three key areas that data breach coaches manage:
- Breach Investigation: A data breach coach can help you hire a computer forensics company to investigate the cause and scope of the breach. Forensic teams work to identify the type of hack, the approaches used, the source and the timeline, and to determine how best to recover compromised data.3 They also preserve all the necessary evidence and can work with the data breach coach to identify potential legal and compliance issues.4
- Notification Requirements: A data breach coach will analyze the facts uncovered by forensics to determine what steps to take in a legal context and help your business remain compliant. Legal obligations may include providing notice of the breach to affected individuals and regulators, depending on what information was compromised. For example, in Canada, a breach involving “real significant harm” to individuals needs to be reported to the Office of the Privacy Commissioner of Canada. Real significant harm is determined based on the sensitivity of the information involved in the breach and the probability of misuse.5
- Crisis Communications: A data breach coach can secure crisis communications professionals to ensure any communications regarding a data breach are carefully planned and managed. This can reduce risks such as reputational harm to your business.6 The team can determine how those affected by the breach should be alerted, what statements to make to the public and the media, and how to communicate with authorities. They can also provide contact information and handle inquiries from customers and the media.7,8
In the event of a data breach, it’s important to respond quickly and correctly. If your organization doesn’t have the internal resources to handle legal and compliance issues, or the expertise in crisis communications, having a data breach coach take the lead is a smart move. They are an invaluable source of information and expertise, and can help take the load off your shoulders in a time of crisis.
1 “Data Breach: Frequently Asked Questions,” Siskinds, May 2020
2,6 “Why Your Company Should Secure A Data Breach Coach,” Forbes, July 29, 2019
3,4 “Digital Forensics: Identifying the Who, What, When and How of Cyber Attacks,” Secure Cyber Defense
5 “What you need to know about mandatory reporting of breaches of security safeguards,” Office of the Privacy Commissioner of Canada, Oct. 2018
7 “A Crisis Communications Plan for Data Breaches,” Pushkin PR
8 “Why Your Company Needs a Data Breach Communications Plan,” Medium, March 9, 2020