Are You Prepared for a Data Breach?

Risk Advisory/Internal Audit

By Christopher Watson

“We need to be more security conscious” is a common theme at many organizations today. Odds are that your organization is spending large sums of money strengthening your network in order to prevent the occurrence of a data breach. You may even conduct regular internal and external network penetration testing in order to identify potential holes in your network security.

These prevention measures are the best means to protect data from being compromised; however, even the best-protected networks are susceptible to a dedicated hacker or to a motivated or disgruntled employee with access to sensitive data. In addition to potential regulatory fines and penalties that can result from a breach, the organization’s reputation can be devastated, and loss of business may never be fully recovered.

So what do you do if a breach still occurs despite your best defenses?

In the event that preventative measures do fail, it is imperative to have a well-defined incident response plan in place. An incident response plan must be designed to ensure that actions are swiftly executed based upon the event and the sensitivity of the data that was compromised. A successful plan must have the following: support throughout the organization, an implementation strategy that is tested on a regular basis, and formal training for those charged with executing the plan. A good incident response plan helps to minimize the effects of a breach, which in-turn may eliminate or significantly reduce potential regulatory fines and penalties. However, the most valuable aspect of an effective plan is minimizing negative publicity that routinely accompanies breaches and the loss of business that often follows.

Schneider Downs provides accounting, tax and business advisory services through innovative thought leaders who deliver the expertise to meet the individual needs of each client. Our offices are located in Pittsburgh, PA, and Columbus, OH.

This advice is not intended or written to be used for, and it cannot be used for, the purpose of avoiding any federal tax penalties that may be imposed, or for promoting, marketing or recommending to another person, any tax related matter.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2019 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.