2017 Cyber Incident & Breach Readiness Guide - For nearly a decade OTA has published a Breach Readiness Guide to help organizations enhance data protection and prepare for a breach incident. Reflecting the evolution of cybercrime beyond the traditional breach, the 2017 Guide has been broadened to include the wider impact of cyber incidents. As defined by OTA researchers incidents include unauthorized; 1) access to a system or device and its data, 2) extraction, deletion or damage to any form of data, 3) disruption of availability and/or integrity of any business operation, and/or 4) activities causing financial or reputational harm. Visit back on January 25th to download the guide.
Data Protection & Privacy Day Press Release - OTA Incident Research and Release of Guide - coming soon!
Attend the 2017 Congressional Staff Briefing in Washington DC on January 31st to learn more.
Feb 7th Webinar Briefing - Register Today
2016 Data Protection & Breach Readiness Guide - Updated May 16, 2016
Updated to include year-end data, additional international regulatory information and expanded discussion on cyber insurance.
Overview Briefing Deck (PDF, February 3, 2016)
Handouts & Check Lists
- Key Learnings (PDF)
- Risk Assessment Guides (PDF)
- Security Best Practices (PDF)
- Forensics Do's & Don'ts (PDF)
- Cyber Insurance Considerations (PDF)
- Remediation Service Considerations (PDF)
- Law Enforcement Reporting Template (PDF) (Word)
2016 Global Internet Report: Economics of Building Online Trust - Internet Society
The OTA Data Protection & Breach Readiness Guide has been developed to help organizations of all sizes in both the public and private sector. Content has been included to help aid a broad range of stakeholders ranging from business and technical decision makers and privacy and security professionals to web and app developers. The goal is to help readers better understand the issues and solutions which can enhance their data protection practices and enable them to develop readiness plans in the event they incur a data loss incident. See Security Best Practices
Even the most cyber-savvy organizations have found themselves exposed and ill prepared to manage the effects of a data breach. The best defense is implementing a broad set of operational and technical best practices that helps protect your company and your customers’ personal data. The second step is to be prepared with a data lifecycle plan that allows a company to respond with immediacy. Ultimately, industry needs to understand that effectively handling a breach is a shared responsibility of every functional group within the organization. A key to success is moving from a compliance perspective to one of stewardship. This perspective recognizes the long term impact to a brand, the importance of consumer trust and implications and considerations with vendors and business partners.