What to do in the event of a data breach?

Even though it now appears there was no terrorist attack on a pump at an Illinois water utility, the SCADA infiltration scare was a reminder that data breaches can come from any number of angles.

The year 2011 has been pockmarked with one breach after another, with the Sony PlayStation Network and even security leader RSA getting hit.

So what's a company to do? Do you hide the fact that your network has been hacked or do you make that information public immediately to try to minimize damage in the court of public opinion? We have two experts who recommend taking different tacks, with one advocating that you don't say anything until forced to and the other insisting doing so is a critical first step.

One study says that it could cost a company $204 per compromised customer record with the average total cost running in the neighborhood of $7 million. One answer is cyber insurance. If hackers are always one step ahead of those protecting your network, a viable option is to have insurance to help defray the costs of damages.

To continue reading, register here to become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.