How quickly do you believe a business should notify affected customers in the event of a data breach?

Security & GRC

Immediately, within hours of discovering the breach30%

Within 24 hours of discovering the breach36%

Within 72 hours of discovering the breach22%

Within one week of discovering the breach3%

It depends on the severity of the breach and the type of data that was compromised7%

193 PARTICIPANTS

11.7k views1 Upvote3 Comments

Sort by:

IT Analyst5 months ago

Depends based on factors such as governing compliance regulation PIPEDA/GDPR/HIPAA/etc and the degree of involvement of data subject. Notification to customers may be required to be sent within 24 hours or may not be even required (if PII isn't involved, though disclosure to authorities is required)

IT Manager2 years ago

In that 24 hours I would hope to be able to provide a bit more information regarding the breach like the why and what now. If that can happen before the 24 hours - that would be better.

IT Manager in Construction2 years ago

I guess people should be notified immediately about the security breach but the companies should make the account protected with a mandatory MFA.

Content you might like

In 2021, did your company's IT budget:

Increase89%

Decrease10%

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What’s your top barrier to adopting AI-driven pentesting?

Lack of mature vendor solutions42%

Trust in AI accuracy62%

Budget constraints18%

Skills to operate the tools26%

View Results

How quickly do you believe a business should notify affected customers in the event of a data breach?

Sort by:

Content you might like

In 2021, did your company's IT budget:

Why do you think there are so few mature AI-driven autonomous pentesting solutions on the market, and why does this topic seem to generate more hype than in-depth technical discussion?

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

What’s your top barrier to adopting AI-driven pentesting?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go