The same things that make you valuable to your client as a managed service provider make you a target for a security breach. Your expertise in storing, accessing and maintaining sensitive information draws the attention of cybercriminals. Your connections to multiple platforms, vendors and clients are enticing for bad actors looking for one-stop shops for their own black market supplies: credit card information, social security numbers, personal information, internal contacts and other sensitive information.
Unfortunately, far too many managed service providers have found themselves to be not only enticing victims, but also fruitful targets. Be it a lack of preparedness, human error or technical insufficiencies, information technology companies have struggled to meet the data security challenges we now face. CompTIA’s IT Security Community has created this tool to help guide you as you prepare a data breach response plan. The tips you’ll find here range from the big picture (preplanning and testing) to the details (keeping notes related to an incident separate from day-to-day business), but are all designed to take fear of the unknown out of the equation. Even if you already have robust data security policies and a clearly defined data breach response plan, you may find a new idea or recommendation to further improve your posture. By sharing this planning guide with team members, you reinforce the idea that data security is not a passive, one-and-done activity. It’s every day. It’s a mindset. It must become embedded into your culture.
Luckily, there are some proven methods of training, planning and activating the proper support teams that will help you prevent what you can and respond appropriately to limit the impact of a security breach. This guide follows the structure of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) and highlights where in the CSF you can find more information. Please note that the NIST CSF is a framework, not a standard. The recommendations and concepts within the framework can be applied globally to any compliance standard or alternate security framework with which you may already be familiar. Of course, your plan should cover more than is shared here. Use this planning guide to get you started, highlight areas you may have missed and help you through them.