How to Respond to Security Breaches Flashcards

10.1 Key Requirements of Legislation relating to the security of info and data (5 cards)

1
Q

What should you do following a security breach?

A
  • Review the relevant policies and procedures and implement actions to reduce the possibility of a similar breach happening again.
  • Review security settings, check that firewalls and anti-virus protection are up to date on all devices, and require all staff to change their passwords.
  • Provide staff with updated training to recognise security threats.
  • Check if the breach involves personal data; if it does, it should be reported to the ICO.
2
Q

What should you do if the security breach is significant?

A

You may have to report it to the National Cyber Security Centre (NCSC) as well as the ICO within 72 hours.

3
Q

How to prevent fraud in a business?

A
  • If sensitive info needs to be distributed, it should be done through secure electronic means.
  • Documents should be protected from unauthorised edits by saving them in a read-only format or applying restrictive settings.
4
Q

How to prevent loss or theft of info and data in a business?

A
  • Keeping paper copies of confidential info secure.
  • Documents may be stored in a safe, in extreme cases.
  • Photocopiers should be checked after use to make sure important documents have not been left inside.
  • Documents should be shredded or securely disposed of once they are no longer required.
5
Q

Training in preventing security breaches?

A

Businesses/organisations should train their staff to ensure they understand their legal responsibilities when handling data, as well as how they should manage data to reduce the risk of security breaches.
