Data Breach Response Plan

Why Your Business Needs a Data Breach Response Plan

Data security hasn’t traditionally been treated as a major concern for small to medium enterprises. However recent high-profile data security breaches and the new Government regulation requiring Australian businesses to alert authorities and affected clients if they get hacked, has pushed IT security to the top of the priority action list.

In fact, a recent survey from software security giant Norton reveals that Australian small businesses are more vulnerable to cyber threats than ever before.

According to the survey, 1 in 4 Australian small to medium businesses has fallen victim to cyber-crime in the past year, a rise from 1 in 5 in 2016.

While cyber-threats are on the rise, security experts advise there are many steps businesses can take to protect themselves. A data breach response plan incorporating the best security practices is among the first steps in mitigating against a potential cyber-attack.


Steps to Guard Against a Data Breach

Consider the following to protect your business:



Cyber insurance is a smart way to minimize damage and cover for financial losses. Corporate insurance brokers can advise on the correct policy to help your business. According to Norton, up to 22% of SMBs currently hold cybersecurity policies.


Security and Backup

To reduce the risk of being hit by a cyber-attack, implement security software solutions to stay protected. Businesses should also back up important data to prevent loss. Approximately 20% of all micro and small businesses back up their data once a month.


Keep up to Date

Ensure you have the latest versions of all software and applications. Outdated software and operating systems are notorious for security vulnerabilities.



Change passwords every three months and avoid sharing or re-using. Consider using a password manager to protect your information. Use strong passwords for all devices and business accounts, including Wi-Fi networks.


Data Breach Response Plan

A data breach response plan is now a fundamental requirement for all businesses covered under the Privacy Act 1988, including organizations, agencies, credit reporting bodies, credit providers and tax file number recipients.

However, it is recommended that all businesses and entities develop a data breach response plan as good practice. Here’s why you should consider one for your business:


Reduces Business Downtime

According to Norton’s 2017 report, business downtime emerged as the main impact of a cybersecurity threat, an often-overlooked cost.

Downtime expenses are only the start of all the associated costs. Small businesses have limited resources to waste on recovery, making them more vulnerable to the short and long-term effects of data loss.

The more you can prepare for and prevent cyber-attacks, the better for your business. With a data breach response plan in place, you’ll be in a better position to respond quickly to incidents. This helps to decrease losses in employee productivity and profits, encouraging operational activities to keep running smoothly.


Minimises Costs and Risks

Despite downtime being the biggest impact, it’s the theft of private information and cyber-attack costs that tend to be the biggest concern for businesses.

On average, cyber-attacks costs small businesses $1.9 million. The cost of each attack has risen 56% (from $6,591 to $10,299) in 12 months, proving how crucial it is for SMBs to be highly diligent about cyber-security.

Impacts such as downtime, inconvenience and financial and data loss can negatively affect how your business operates and how your customers perceive it. Diminished reputation, loss of customer trust, reduced revenue and decreased competitive ability are all damaging to small businesses.


Keeps Everyone on the Same Page

Whether it’s you and a handful of employers or a million-dollar company, communication can get lost in translation. A data breach response plan outlines clear expectations of everyone’s responsibility in the process, including actionable steps to contain, assess and respond to the breach, so there is less room for misinterpretation.

Small businesses have been warned that the consequences of a data breach can be severe; from financial to brand and reputational damage. Every business, regardless of its size, must make risk-aware decisions and understand the importance of data security.

For help creating your strategy, read this guide to developing a data breach response plan and research cyber insurance and security tips to ensure your business is protected from potential threats.

Related posts

Building and Solidifying Your Relationships With Influencers

Jac Bowie

5 Ways to Prepare for a Business Audit

Dixie Somers

5 Ways to Lead Your Growing Business with Confidence

Julie Brettle