
The do’s and don’ts of communicating a data breach

By Cody Chamberlain
May 23, 2022

Data breaches are occurring more frequently than ever before, even when organizations have the best security precautions in place. According to the Identity Theft Resource Center’s 2021 Data Breach Report, data breaches rose 68% from the previous year, reaching the highest number ever reported. That said, while a cyberattack may be out of an organization’s control, one thing it can and should control is how it communicates a breach.


Many corporations have developed canned responses to breaches along the lines of “We identified a breach of our systems, and you have been identified as being impacted. Your security is of the utmost importance to us, so we’re providing you with free monitoring.” 


However, more sophisticated and impactful breaches need a more detailed response plan, one that focuses on getting systems back online and defines what steps the organization will take to prevent another breach from occurring. There are three key elements to implementing a successful data breach communication strategy: an incident response plan, consistent communication, and transparency.


Lean into the Incident Response Plan

An incident response plan is one of the most critical components of the customer notification process, as it enables an organization not only to acknowledge that it has fallen victim to an attack, but also to take ownership and focus on the customer.


Following a data breach, the customer ultimately wants to know three things: if their data has been stolen, the risk to the data at the time of the incident, and if they need to take additional action with the government or law enforcement to assist in the investigation. 


The incident response plan should provide accurate and timely information that accounts for all these customer questions and keeps their best interests in mind. This plan must be communicated and adopted beyond security and IT teams by a crisis management team that extends across all departments. Every person in the communications chain must report their findings to the executive level for all angles and aspects of the breach to be considered. 


An organization must also proactively work with legal and finance teams to understand which regulatory bodies, government entities, and insurance agencies to notify. Once all information is made clear, the organization can convey the details of the incident to the customer in a quick and straightforward manner, and, in high-profile situations, present the case to the public. 


Maintain Open and Consistent Communication 

The 2021 data breach report from IBM and the Ponemon Institute shows that, on average, organizations identified breaches in 212 days and contained them within 75 days. As a result, organizations and their customers were left vulnerable for an extensive period of time. Time is of the essence, so an organization must begin customer communications as early as possible. It should also ensure that it is the go-to source for any information regarding a breach at all times. As such, it may be beneficial to create a webpage dedicated to providing updates in real time.


In terms of how information is communicated, an organization must give its affected customers a clear understanding of which data was lost and when the incident occurred. End users require as much information as possible to understand how this breach could impact their lives and businesses. 


Some of the top questions to ask your team when communicating a data breach include: what happened and what do we know, what is the scope of the incident, how did we impact this, and how exactly can we help the customer? 


In asking these questions, an organization can ensure it is fully prepared to communicate to the customer and openly address their concerns in a consistent manner.


One of the biggest challenges an organization faces when communicating a breach is moving too fast and responding without having gathered the right information or assessment of impact, which can change the narrative — something that is imperative to avoid. 


A shift in narrative can cause the customer to have additional questions, which, in turn, delays action — potentially causing the public to believe an organization is hiding something. Additionally, delays in communication can cause substantial problems for the customer in recovering from the breach, which will put the blame back onto the organization for any liabilities.


Be Transparent

It is the responsibility of the breached organization to provide accurate and timely information that accounts for customer questions and looks after their best interests while also adhering to internal and external legal advice to minimize liability. 


If unable to share specific breach details, an organization should be transparent about the reason for not immediately releasing information publicly, for example, if law enforcement is involved.


A data breach can happen to any organization, at any time — so an organization should also never assume or share with their customers that it won’t happen again… because it might. Instead, it should assure the affected customer that the incident is being properly contained and managed. 


To best support customers, an organization should also let them know that it is prioritizing security and taking the necessary steps to mitigate potential future breaches. This can include hiring third parties to conduct penetration testing on the affected network, cloud platform, application, etc., where the breach occurred, to prevent vulnerabilities in the future, and reporting those steps to the customer.


In today’s threat environment, there’s no guarantee that an organization won’t face a breach, even with a solid cybersecurity program in place. It’s often a matter of when, not if. As such, you must be proactive about your crisis management policies and procedures. A robust data breach communications strategy that includes transparency and open and consistent communication allows organizations to focus on resolving the incident while providing the best customer service possible. 

KEYWORDS: crisis management cyber security data breach incident response

Cody Chamberlain is Head of Product at NetSPI.  As Head of Product, he focuses on ensuring the delivery of the technical roadmap, strategizing on future product offerings, and partnering with sales and marketing on go-to-market strategies. He has spent the majority of his career in varying cyber security roles at companies like Ameriprise Financial and Target Corp.
