Market Snapshot
  • U.S.
  • Europe
  • Asia
Ticker Volume Price Price Delta
DJIA 16,408.54 -16.31 -0.10%
S&P 500 1,864.85 2.54 0.14%
NASDAQ 4,095.52 9.29 0.23%
Ticker Volume Price Price Delta
STOXX 50 3,155.81 16.55 0.53%
FTSE 100 6,625.25 41.08 0.62%
DAX 9,409.71 91.89 0.99%
Ticker Volume Price Price Delta
NIKKEI 14,516.27 98.74 0.68%
TOPIX 1,173.37 6.78 0.58%
HANG SENG 22,760.24 64.23 0.28%

Experian Data Breach Resolution Reveals Five Common Mistakes Made When Handling a Breach

    Experian Data Breach Resolution Reveals Five Common Mistakes Made When
                              Handling a Breach

In recognition of National Cyber Security Awareness Month, the list identifies
missteps that may put organizations at greater risk for reputational,
financial and legal damage.

PR Newswire

COSTA MESA, Calif., Sept. 30, 2013

COSTA MESA, Calif., Sept. 30, 2013 /PRNewswire/ -- A data  breach is an issue
that can affect any organization and National Cyber Security Awareness Month
is an opportune time for organizations to start to prepare for an incident or
enhance their current response plan. With experience handling thousands of
breaches, Experian Data Breach Resolution is observing the commemorative month
by providing key insight into how to overcome common mistakes companies
experience when handling a data breach.

"While there has been great progress among businesses and institutions in data
breach prevention, breaches can still occur and it's important to execute the
right steps after an incident," said Michael Bruemmer, vice president at
Experian Data Breach Resolution. "Being properly prepared doesn't stop with
having a response plan. Organizations need to practice the plan and ensure it
will result in smooth execution that mitigates the negative consequences of a
data breach."

Those possible outcomes can include a loss of customers, regulatory fines and
class-action lawsuits. Studies show that a majority of organizations had or
expect to have a data breach that results in the loss of customers and
business partners, and more than 65 percent of companies have or believe they
will suffer serious financial consequences as a result of an incident[1].
Among companies that had breaches, the average cost reported of incidents was
$9.4 million in the last 24 months. These costs are only a fraction of the
average maximum financial exposure of $163 million that the companies surveyed
(breached or not) believe they could suffer due to cyber incidents[2].

Experian Data Breach Resolution will present on this topic at The
International Association of Privacy Professionals (IAPP) Privacy Academy held
in Bellevue, Seattle, on Oct. 1 at the conference session titled, "Managing
the Top Five Complications in Resolving a Data Breach." Those not in
attendance can view the presentation through a live stream at and pose questions to the panelists in real
time via Twitter using the hashtags #databreach and #iapp.

According to Bruemmer, three of the most common mistakes include:

  o No engagement with outside counsel — Enlisting an outside attorney is
    highly recommended. No single federal law or regulation governs the
    security of all types of sensitive personal information. As a result,
    determining which federal law, regulation or guidance is applicable
    depends, in part, on the entity or sector that collected the information
    and the type of information collected and regulated. Unless internal
    resources are knowledgeable with all current laws and legislations, it is
    best to engage legal counsel with expertise in data breaches to help
    navigate through this challenging landscape.

  o No external agencies secured — All external partners should be in place
    prior to a data breach so they can be called upon immediately when a
    breach occurs. The process of selecting the right partner can take time as
    there are different levels of service and various solutions to consider.
    Plus, it is important to think about the integrity and security standards
    of a vendor before aligning the company brand with it. Not having a
    forensic expert or resolution agency already identified will delay the
    data breach response process.

  o No single decision maker — While there are several parties within an
    organization that should be on a data breach response team, every team
    needs a leader. Determine who will be the driver of the response plan and
    primary contact to all external partners. Also, outline a structure of
    internal reporting to ensure executives and everyone on the response team
    is up to date and on track during a data breach.

Depending on the industry, additional oversights may involve securing proper
cyber insurance and following the Health Insurance Portability and
Accountability Act (HIPAA) and Health Information Technology for Economic and
Clinical Health Act (HITECH). The complete list and tips to overcome these
issues will be addressed by Bruemmer at the IAPP Privacy Academy presentation.
For the Experian Data Breach Resolution schedule of presentations, visit

Additional data breach resources, including Webinars, white papers and videos,
can be found at

Read Experian's blog at

About Experian Data Breach Resolution
Experian^® is a leader in the data breach resolution industry and one of the
first companies to develop products and services that address this critical
issue. As an innovator in the field, Experian has a long-standing history of
providing swift and effective data breach resolution for thousands of
organizations, having serviced millions of affected consumers. For more
information on the Experian Data Breach Resolution division at, Inc. and how it enables organizations to plan for and
successfully mitigate data breach incidents, visit

About Experian
Experian is the leading global information services company, providing data
and analytical tools to clients around the world. The Group helps businesses
to manage credit risk, prevent fraud, target marketing offers and automate
decision making. Experian also helps individuals to check their credit report
and credit score, and protect against identity theft.

Experian plc is listed on the London Stock Exchange (EXPN) and is a
constituent of the FTSE 100 index. Total revenue for the year ended March 31,
2013 was US$4.7 billion. Experian employs approximately 17,000 people in 40
countries and has its corporate headquarters in Dublin, Ireland, with
operational headquarters in Nottingham, UK; California, US; and Sao Paulo,

For more information, visit

Experian and the Experian marks used herein are service marks or registered
trademarks of Experian Information Solutions, Inc. Other product and company
names mentioned herein are the property of their respective owners.

[1] Experian Data Breach Resolution and Ponemon Institute study, Is Your
Company Ready for a Big Data Breach? 2013

[2] Experian Data Breach Resolution and Ponemon Institute study, Managing
Cyber Security as a Business Risk: Cyber Insurance in the Digital Age 2013


SOURCE Experian Data Breach Resolution

Contact: Tara Mulcahy, Edelman, 1 206 268 2212,, or
Sandra A. Bernardo, APR, Experian Data Breach Resolution, 1 949 567 3676,
Sponsored Links
Sponsored Links