‹ Back
Building Trust 1 October 2017

Cyber Incident & Breach Response

Cyber Incident & Breach Trends Report (released January 25, 2018)

Data Protection & Privacy Day Press Release (January 25, 2018)

2017 Cyber Incident & Breach Readiness Guide (PDF) – For nearly a decade OTA has published a Breach Readiness Guide to help organizations enhance data protection and prepare for a breach incident. Reflecting the evolution of cybercrime beyond the traditional breach, the 2017 Guide has been broadened to  include the wider impact of cyber incidents.  

2017 Incident Overview & Resources (PDF)

Briefing Deck (PDF – Feb 7)

Recorded Webinar (Feb 7)

Congressional Briefing Presentation (PDF – Jan 31)

Data Protection & Privacy Day Press Release

OTA’s analysis and tracking of threat intelligence data has revealed the true number of incidents is over twenty times that of consumer data breaches publically reported. Based on preliminary year-end data, over 82,000 incidents were documented impacting more than 225 organizations daily. As the majority of incidents are never reported the actual number of incidents causing harm combining all vectors including DDoS attacks could exceed 250,000. As defined by OTA incidents include unauthorized; 1) access to a system or device and its data,  2) extraction, deletion or damage to any form of data,  3) disruption of availability and/or integrity of any business operation, and/or 4) activities causing financial or reputational harm. 

2016 Data Protection & Breach Readiness Guide
Updated to include year-end data, additional international regulatory information and expanded discussion on cyber insurance.

Recorded Webinar / Briefing (2016)

Overview Briefing Deck (PDF, 2016)

IoT Security & Privacy Best Practices 

2016 Data Privacy/Breach Readiness Guide Press Release

2015 Data Privacy Day Video Highlights including fireside chat with FTC Commissioner McSweeney.   Panel Security & Privacy Beyond Your Walls & Summary – Tim Rohrbaugh, CISO Identity Guard; Josh Aberant, Postmaster, Twitter; Chris Babel, CEO, TRUSTe and Tim Fitzgerald, VP and Chief Security Officer, Symantec. Includes Town Hall wrap up by Craig Spiezle, Executive Director, Online Trust Alliance. 


The OTA Data Protection & Breach Readiness Guide has been developed to help organizations of all sizes in both the public and private sector. Content has been included to help aid a broad range of stakeholders ranging from business and technical decision makers and privacy and security professionals to web and app developers. The goal is to help readers better understand the issues and solutions which can enhance their data protection practices and enable them to develop readiness plans in the event they incur a data loss incident.  See Security Best Practices

Even the most cyber-savvy organizations have found themselves exposed and ill prepared to manage the effects of a data breach. The best defense is implementing a broad set of operational and technical best practices that helps protect your company and your customers’ personal data. The second step is to be prepared with a data lifecycle plan that allows a company to respond with immediacy. Ultimately, industry needs to understand that effectively handling a breach is a shared responsibility of every functional group within the organization. A key to success is moving from a compliance perspective to one of stewardship. This perspective recognizes the long term impact to a brand, the importance of consumer trust and implications and considerations with vendors and business partners.

‹ Back

Related articles

Cyber Incident & Breach Readiness Guide
Building Trust1 October 2017

Cyber Incident & Breach Readiness Guide

Championing Data Privacy & Protection to Enhance Consumer Trust  We promote security standards, responsible privacy practices, and related tools to...

2018 Cyber Incident & Breach Trends Report
Building Trust25 January 2018

2018 Cyber Incident & Breach Trends Report

This year marks the Online Trust Alliance’s tenth annual publication related to cyber incidents and breach readiness. Now an initiative...

2017 Cyber Incident & Breach Readiness Guide
Building Trust25 January 2017

2017 Cyber Incident & Breach Readiness Guide

The cyber threat landscape has changed dramatically over the past twelve months, with the definition of incidents expanding significantly beyond...

Join the conversation with Internet Society members around the world