Brokerage Ops the June 2013 issue

Q&A with Meredith Schnur

Data Breach? Don’t do this.
Posted on May 29, 2013

Investigate first before you announce anything.

What shouldn’t you do when a data breach occurs?
One of the worst mistakes we’ve seen over the past couple years is to immediately notify everybody when a breach occurs. We see a lot of that—first and foremost because they think they can take care of it as soon as possible to avoid any future damage to their reputation when they could be damaging their reputation more because they might not have to notify. You need to investigate first before you announce anything publicly.
What other problems do you see?
Many of our clients do not have a mature incident response team in place. This is a team made up of internal and external resources who are responsible in the event of a breach, just like any other disaster recovery type of plan. Oftentimes, the risk management department is not in the immediate “know” when a breach occurs. This makes it difficult when coordinating with insurance if the insured begins to incur breach-related costs. Lastly, most insureds check off the box that they have an incident response program, but they’ve never tested it. They should be doing that regularly. It’s going to happen. The more prepared they are, the less they’re going to spend, the less harm to their reputation and, in the long run, the less cost to their company.

More in Brokerage Ops

Managing the ‘Challenging Generation’
Brokerage Ops Managing the ‘Challenging Generation’
Gen Z has earned a reputation for difficulty in the workplace. Start from a plac...
Brokerage Ops The Journey to Reduced Errors and Omissions in Benefits
Comprehensive digital integration of agency platforms is a boon for insurers and...
Craft over Cramming
Brokerage Ops Craft over Cramming
Improving sales and renewal processes can increase profits and reduce stress for...