Law firm launches online planning tool for cyber attacks and data breaches

International law firm DAC Beachcroft has today launched an online Breach Response Planner to help organisations manage cyber and data breaches.

The new Breach Response Planner guides users through a five step process to identify internal and external incident response teams, establish response protocols and build a comprehensive breach response plan.

High profile cyber attacks have led to more and more companies offering cyber products, especially to SMEs, who are the most susceptible to a breach, but are least likely to have a cyber insurance policy in place.

Accessed via an online portal, a complete plan is included for those who want an off-the-shelf solution, and may be customised for those who want something more bespoke.

Hans Allnutt, head of cyber and data risk at DAC Beachcroft said: “European data protection regulators recommend that organisations that handle personal data should have a plan in place to respond to security breaches. Our Breach Response Planner helps create that plan.

”If that organisation then suffers a data breach, all their key stakeholders have immediate access, via the online portal, to the information they need, so that they can respond in a focused, swift and measured manner.”

The five-step process starts with the customer designating their internal breach team and external advisors. Then, they will implement the protocol to follow if a cyber breach is detected.

Once protocols are set, users can then determine their plan as to how they will detect, triage and contain the breach, assess the measures that need to be taken and notify affected parties.

The tool also includes links to additional supportive material such as a breach severity risk matrix to assess and categorise a breach, a breach incident log, a breach checklist, breach scenario case studies, and a summary of the guidance for reporting a breach under the GDPR.

Allnutt added: “Any changes to the plan are made in real time, so it is always up-to-date.

”Hosting it on an external server means it can be accessed any time, from anywhere and on any device. This is particularly useful should a firm experience a breach.”