Brokerage Ops the June 2013 issue

Q&A with Meredith Schnur

Data Breach? Don’t do this.
Posted on May 29, 2013

Investigate first before you announce anything.

Q
What shouldn’t you do when a data breach occurs?
A
One of the worst mistakes we’ve seen over the past couple years is to immediately notify everybody when a breach occurs. We see a lot of that—first and foremost because they think they can take care of it as soon as possible to avoid any future damage to their reputation when they could be damaging their reputation more because they might not have to notify. You need to investigate first before you announce anything publicly.
Q
What other problems do you see?
A
Many of our clients do not have a mature incident response team in place. This is a team made up of internal and external resources who are responsible in the event of a breach, just like any other disaster recovery type of plan. Oftentimes, the risk management department is not in the immediate “know” when a breach occurs. This makes it difficult when coordinating with insurance if the insured begins to incur breach-related costs. Lastly, most insureds check off the box that they have an incident response program, but they’ve never tested it. They should be doing that regularly. It’s going to happen. The more prepared they are, the less they’re going to spend, the less harm to their reputation and, in the long run, the less cost to their company.

More in Brokerage Ops

Technology Is a Catalyst for M&A Integration
Brokerage Ops Technology Is a Catalyst for M&A Integration
Buyers and sellers can both benefit from good tech.
Sponsored By Trucordia
Brokerage Ops Mixing High Tech and High Touch
Q&A with Courtney Hutchison, Market President—Colorado, The MJ Companies
Growing Through Product and Geographic Expansion
Brokerage Ops Growing Through Product and Geographic Expansion
This approach to firm growth may become the new normal as brokerages look to gra...