Kmart, Goodwill, Home Depot, JP Morgan Chase, PF Chang’s, ACME Financial, Cedars Sinai, Supervalu (twice), Jimmy John’s, Dairy Queen and American Family Care are all included in the list of recently reported data breaches. These events should bring several questions to the mind of anyone overseeing a privacy program:
- Is my privacy program working in concert with our organization’s security program to effectively prevent data breaches?
- Do we have an adequate training, awareness, and compliance program in place to avoid employee mistakes that could lead to a data breach?
- Have we reviewed / audited the practices of our vendors and contractors to assure their activities will not contribute to a data breach?
- If a data breach does occur are we ready to manage the event?
In our consulting practice, we often come across organizations who must answer all of these questions with a resounding “No”. Too often, many organizations see themselves as invulnerable and it is that view that makes their organizations even more vulnerable.
As you define your budget for 2015, be sure you invest in reviewing and improving your readiness for prevention of and response to a data breach.