InformationWeek ("9 Ways To Minimize Data Breach Fallout") quoted New York Partner and National Co-Leader of the Privacy, Security and Social Media Team, Ted Kobus' blog post, "Data Breach Response: A Year in Review,” on Data Privacy Monitor, the firm’s blog dedicated to data privacy, security and social media subjects.
The InformationWeek article lists nine ways IT departments can best prevent and mitigate data breaches beyond incorporating a data breach response plan.
One principle businesses should follow, according to the article, is to balance the need to gather information with issuing a timely and clear notification after discovering a breach. "Transparency is key to maintaining relationships with customers and regulators, be certain you understand the scope of the breach before making an announcement," said Kobus in his blog post.
InformationWeek also advises businesses to encrypt all sensitive data, citing Kobus’ comment, "Encryption is not only a safe harbor, it is expected by customers and regulators."
The article also cautions against the art of the social engineering attack and points to Kobus' warning that "Social engineering tools are being used creatively to gain access to personal information."