Q&A with National Practice Leader for Wells Fargo Insurance’s Technology, Privacy and Network Risk Practice. 

Investigate first before you announce anything.

What shouldn’t you do when a data breach occurs?

One of the worst mistakes we’ve seen over the past couple years is to immediately notify everybody when a breach occurs. We see a lot of that—first and foremost because they think they can take care of it as soon as possible to avoid any future damage to their reputation when they could be damaging their reputation more because they might not have to notify. You need to investigate first before you announce anything publicly.

What other problems do you see?

Many of our clients do not have a mature incident response team in place. This is a team made up of internal and external resources who are responsible in the event of a breach, just like any other disaster recovery type of plan. Oftentimes, the risk management department is not in the immediate “know” when a breach occurs. This makes it difficult when coordinating with insurance if the insured begins to incur breach-related costs.

Lastly, most insureds check off the box that they have an incident response program, but they’ve never tested it. They should be doing that regularly. It’s going to happen. The more prepared they are, the less they’re going to spend, the less harm to their reputation and, in the long run, the less cost to their company.