How to minimize the pain and disruption of a data breach

Now you can get the same advice that ordinarily only comes when you spend tens of thousands of dollars in consulting fees
I worked with one client a few years back that hired a forensics firm that drew the wrong conclusions and had my client publicly disclosing a HIPAA breach when in fact there wasn't a HIPAA breach at all. That mistake probably cost them hundreds of thousands of dollars, not to mention lost productivity, and tremendous disruption to the business and their employees' personal lives.

Not to mention the trouble it caused to all of their customers who were notified, and the stress and disruption it caused for them.

Another client started working with a top-notch law firm, only to find out weeks later that the law firm wasn't on the cyber insurance carrier's approved list. All of the contracts for the vendors working on the breach were going through this law firm, and had to be ripped up and rewritten by another firm that had to be brought in, while all of the breach-related activities were put on hold until the new contracts could be drawn up.

And there are many more such stories.

I've seen so many clients that thought they were adequately prepared only to find out they actually weren't prepared at all.

But until now, there wasn't any reference guide that covered all the points you need to cover in order to be truly prepared. That's what led me to write a guide so you can avoid the pitfalls I've seen so many other companies fall victim to.
In this guide you'll learn:
- How to understand what your cyber insurance policy covers and who is "in network" (page 15)
- How to choose an incident response firm and ensure your team is ready for them to hit the ground running when you need them (page 17)
- How to avoid choosing the wrong retainer package (page 19)
- When you might NOT need a retainer (page 20)
- How to ensure that everyone knows their role and job when the breach strikes (page 22)
- Why not all consultants have the experience and skills to give you the best advice, and how to choose the firms you should work with (page 5)
- How to ensure your team is ready to respond and help minimize the disruption of a breach (page 26)
- How to identify the right incident response firm for your company and breach scenario (page 7)
- The five most common breach scenarios and how to determine the best incident response firm for a given scenario (page 9)
- Why, when choosing a forensics firm, experience and methodology trump technical certifications (page 10)
- Choosing the right insurance policies and how cyber insurance fits into the larger picture (page 28)
- The key ingredients of an indispensable incident response plan (page 22)
- Why training and playbooks can make or break your ability to respond to a breach (page 27)
- The types of scenarios that make the most impactful tabletop attack exercises (page 26)
- How to test and enhance your detection processes to help you prevent a breach or respond more quickly (page 25)
- How to choose the law firm that will provide the best support during a breach response (page 29)
- Why the first three phone calls you make will determine how the breach investigation goes (page 31)

"Data Breaches Keep Happening. So Why Don't You Do Something?"

New York Times, August 2018
When I worked at a consulting firm, you could only get this advice by engaging us for tens of thousands of dollars. But this is guidance everyone should have at their fingertips. And the truth is that if you act on the guidance provided in even one or two of the pitfalls in the book, you’ll save yourself thousands or even more.
"Time and again, expensive consultants like me are hired to solve complex cybersecurity business problems which could have been mitigated or even fully avoided had the company leadership considered learning from past mistakes.

Implementing the appropriate basic preventative measures can reduce the impact of breaches and other significant cyber incidents, but what exactly are those "appropriate measures"?

Luckily, Jeff Groman provides us quality advice culled from thousands of hours consulting with the Global Fortune 1000 in 'Minimizing the Pain of the Breach', allowing us to gain the most valuable insights without negatively impacting our most important resources: time and budget."
- Jackie Singh (formerly Stokes) is the Founder and CEO of Spyglass Security, a boutique cybersecurity advisory firm.

“All of a sudden, every Chief Information Security Officer is talking to the Board, because every Board wants to know: Is this the new normal?”

Kevin Mandia, CEO of FireEye, in an interview on 60 Minutes after the Sony breach (2015)

Over the course of this book, I enumerate 11 distinct pitfalls that I’ve personally witnessed other companies fall victim to, and I provide specific guidance on how to avoid them.

“Anyone who has to answer the tough questions from their board will find themselves better equipped to do so after reading this book.”

“This book is for anyone who is responsible for leading a breach response. If you have done that in the past, you know how exhausting and downright disruptive breaches can be and just how much of that pain rests squarely on your shoulders.”

The cost of this wire-bound book is $497, and I will ship it to you via USPS within 7-10 business days.