The U.S Department of Justice’s (“DOJ”) Cybersecurity Unit recently released its “Best Practices for Victim Response and Reporting of Cyber Incidents.

The DOJ notes in the publication: "having well-established plans and procedures in place for managing and responding to a cyber-intrusion or attack is a critical first step toward preparing an organization to weather a cyber-incident".  

In summary, the steps that organizations need to take before a cyber-intrusion or attack occurs, are:  to identify their critical needs, have an actionable plan in place and appropriate technology, ensure that the organization’s policies align with their cyber-incident response plan and ensure their legal counsel is familiar with technology and cyber-incident management in order to reduce the response time during an incident.

It is recommended for all companies to follow the recommendations to avoid potential liability from regulators and class action plaintiffs in the wake of a data breach.