Picking up the pieces after a data breach

The way that you follow up in the immediate aftermath of a crisis can affect not only how the event is perceived, but also how successfully you'll avoid trouble in the future. As CIO, you can't leave crisis management to other executives; you need to both lead the IT work and play a key role in the business's efforts to cope with the aftermath. First, put your existing incident response plan into action. Hopefully, that plan lays out your business responses, your key contacts, and your public and regulatory obligations. Reach out quickly to the non-technical people who can help you, including human resources staffers, public relations people and legal staffers. You also might need the CFO to authorize emergency spending, accountants to track spending for insurance claims, or operations people to work overtime to make adjustments as IT gets everything back up and running. Once you identify the problem, dig deeper through a root-cause analysis. Look around at the environment and ask what other scenarios or situations could happen. Also, examine why the crisis wasn't averted in the first place by your early-warning processes and systems. And communicate with all stakeholders, connect with affected colleagues, support your overworked staff, push through the changes that will prevent a repeat incident, and hold a postmortem.

Learn more about recovering from a crisis:
- read the article at ComputerWorld

ALSO:
- read this on how honesty and openness can limit data breach damage
- and this on recovering from a cyber-attack