Data Breach SWAT Team
Your response starts now
Data breach.
Who shall we call? Tick tock, tick tock.
What shall we do? Tick tock, tick tock.
How should we do it? Tick tock, tick tock.
From utility companies to supermarkets, we live in an age where the abundance of information has changed how organisations interact with their customers. But the more data we create and acquire in the course of doing business, the greater the chance that sensitive information will be lost or stolen. The increasing number of high profile data breach cases and coming EU regulation make it an issue that’s keeping every business owner awake at night. At Schillings we’ve put together a unique solution that should ensure your sleep is a little more restful.
the principles
01. A GOOD RESPONSE IS FAST
The first 72 hours following a breach are the most crucial. You will need to investigate the cause, put in place remedial measures, handle the media and consider who needs to be informed – from regulators to customers. Our approach is about preparing you to make the right decisions quickly, safe in the knowledge that you are on solid legal ground. The Data Breach SWAT Team we’ve assembled at Schillings brings together the four skill sets essential to ensuring all of the issues get resolved with pace and precision: reputation law, risk management, data protection and information security experts uniquely brought together under the one roof.
There’s a time for SWOT
and a time for SWAT
02. A GOOD RESPONSE IS COHESIVE
As soon as the clock starts ticking you’ll need a whole array of functions to click into place: isolating and closing the breach, legally compliant reporting, notifying customers, handling the media. If these goals are pursued in isolation you may find they start pulling you in different directions. That’s why each member of our team will work with their opposite number in yours, ensuring they understand how their role fits into the bigger picture.
A tight ship starts with
a tight leadership team
is not the only reporting you need to worry about
03. A GOOD RESPONSE MEANS BEING MINDFUL OF REPUTATION FALLOUT
The real threat from a data breach is not the incident itself, but the lasting damage it can do to your reputation. Safeguarding reputations through fast legal response has been our business for over 30 years. As well as preparing you to handle a breach effectively, we’ll ensure that the information flow is controlled and any media comment is addressed.
When has process ever solved
a people problem?
04. A GOOD RESPONSE FOCUSES ON THE HUMAN FACTOR
Large companies are rarely short of policy and procedure, but both of these ignore the crucial factor: people. Whether accidental or malicious, the common factor in almost every data breach is human action, and they have a fundamentally human solution. Working with your HR team, we’ll ensure every individual understands their particular role in guaranteeing your business emerges with its reputation and bottom line intact.
05. A GOOD RESPONSE IS A PRACTISED RESPONSE
We all learn best from our mistakes, but with your customers’ confidence at stake a data breach could prove an expensive lesson. So, what’s the next best thing to experiencing a full-scale crisis? A full-scale dress rehearsal. At the heart of our pre-breach service is a simulation replicating crisis conditions as closely as possible, so that the right calls become second nature.
The best way to prepare for a crisis?
Experience a crisis
our offer
Let us find your weaknesses
before they do
Our offer is split into pre- and post-breach services. As you would expect, the emphasis is on the pre-breach preparation and prevention. But rest assured, if the day does arrive we will be on hand to help you put your response into action immediately.
Health check
You won’t know exactly when or how a data breach will occur; every organisation is different, after all. By assessing the specifics of your business, however, it is possible to identify the areas where you should concentrate your efforts. Our health check will seek out the risk areas that are specific to your industry and business, measuring and ranking each to give you an accurate view of your organisation’s current strengths and vulnerabilities. What we look at in detail will depend on your area of business but will usually include:
• Internal information-handling and management practices, policies and procedures
• Information security and physical security controls and processes
• The types of information that you hold, e.g. commercially sensitive or otherwise confidential data
• Compliance with data protection legislation
• Internal escalation procedures and crisis plans
• Disgruntled employees
The simulation provides the opportunity to war game specific scenarios identified by the health check which cover both tangible risks (e.g. loss of customer financial information) and intangible risks (e.g. harm to reputation). The types of data that may be the subject of a breach will vary by sector and type of organisation. For that reason we offer three types of simulation:
• A short, high level, table-top simulation (1–3 hours)
• A more interactive and in-depth session involving some simulated events in real time (3 hours – a full day)
• A full, interactive, highly detailed and immersive simulation
Bespoke manual
The insights gathered from the first two phases will inform measures to strengthen your defences, build resilience into your operations and better protect your data. We will then build you a personal roadmap guiding you through every stage of your breach response.
• Golden hour – What do you do immediately after you are alerted to the breach?
• 1–3 days – How do you investigate what happened? What steps must you take now to remediate and notify the relevant parties? How do you stop the reputation threat from the media, agitators, competitors or influencers and what can you do to manage social media?
• 1–3 weeks – How can you deal with or counter the post-incident reputational fall-out and what can you do to win back stakeholder confidence?
Post-Breach
Having undertaken all of the necessary preparation, if the day does arrive that you face a data breach everyone in your organisation should be primed and ready to respond. The SWAT team will be on hand to support you every step of the way with help and advice on containing and neutralising the specific threat.
Legal (reputation)
• Immediate round-the-clock legal advice on any reputation impacts or threats arising from a data breach scenario
• Working alongside PR advisors to contain and minimise spread of negative press
• Emergency legal action if necessary to stop allegations or leaks
• Preventing leaks from employees and stopping further leaks
• Working on a global basis to take down or correct information both on- and offline
• Legal action to recover leaked or stolen information
Legal (data protection)
• Legal advice on all aspects of data protection in a breach scenario
• Advice on notification procedures and dealing with an ICO investigation
• Assessment of third party contractual liabilities
• Advice on post-breach remedial compliance measures
• Assistance with, and provision of, staff training on best practice, information management and handling
• Reviewing internal and external policies and procedures to mitigate the risk of any further breach
Information security / digital forensics (IT)
• Post-breach assessment to help determine business impact
• Post-breach containment of affected systems and advice on IT continuity
• Post-breach forensics to determine the source of the breach
• Practical advice on remediating urgent technical issues
• Practical advice on compliance management
• Coordination of technical resources and third-parties in a breach scenario
• Post-breach online monitoring of leaked or stolen information
If you want to keep hold of your data, keep hold of ours...
The Resilience Suite
■ Data Breach SWAT Team
■ Immediate Response
■ Digital Privacy
■ Reputation Radar
■ Counter Strike
■ Encased
Schillings, 41 Bedford Square, London WC1B 3HX
T +44 (0)20 7034 9000