THIS IS ONLY A DRILL (For Now): How to Conduct a Data Breach Response Drill

by Michael Bruemmer 3 min read December 8, 2017

“Are we next?” That’s the question companies around the world are grappling with as more high-profile data breaches make headlines. At a time when one in four organizations experience cyber-attacks, mishandling the response can do more damage than the breach itself.

We take precautions against dangerous situations every day. With years of practice either in school or at work, most of us know what to do if there’s an emergency. We conduct drills repeatedly because when we immediately know how to respond to a threatening situation, we can minimize destruction. Because of the high probability of a cyber-attack, businesses need to treat breach responses like internal drills, repeatedly practicing until it becomes instinctive.

Prepare your data breach response drill

A well-prepared incident response strategy should first define all breach scenarios (e.g., ransomware, malware, phishing, etc.) and their specific steps. Assembling a qualified team is also critical, individual roles and responsibilities should be defined and clearly communicated. After finalizing the essential components of your incident response plan, regular testing is crucial to ensuring your organization is equipped to handle the unexpected.

Practice makes perfect

Below are six principles to help guide your data breach response drill effectively:

  1. Bring in an outsider.Enlist the expertise of someone outside your organization to run the drills and serve as a moderator. A third-party facilitator allows you and your team to focus on individual tasks and responsibilities.
  2. Put aside plenty of time.At a minimum, give your team half a day to do the exercise and to debrief.
  3. It’s an exercise for everyone.All internal and external team members who will be involved in a data breach response need to participate in this activity.
  4. Expect the unexpected.Your drills should include various likelihoods and situations. Another benefit to bringing in an outside moderator is that they can throw unpredictable scenarios at your team.
  5. Debrief.After the exercise, the entire team should review, discuss each mock situation in detail, and identify any areas in need of improvement.
  6. Repeat every six months.Keep your team aware of the latest developments in the world of cybersecurity and prepared to tackle cyber threats by conducting drills every six months.

Executing these drills are invaluable and help prove to your stakeholders, customers and employees that your company takes data security seriously. The more you practice putting your plan into action, the better prepared you’ll be in a real-life situation.

Visit our websitefor more information about our offerings and how Experian can help you prepare and respond to data breaches.

Related Posts

How Union Credit Expands Access to Credit Unions with Experian

Discover how Union Credit and Experian help credit unions reach younger consumers through personalized digital lending experiences.

Published: July 1, 2026 by Scarlet.Nickel@experian.com
Faster Decisions, Better Outcomes: Experian Verify™ Now Available Through Centro, Mezzo’s Orchestration Engine 

Explore how Experian Verify™ and Mezzo’s Centro orchestration engine are helping mortgage lenders modernize income and employment verification, reduce workflow complexity, and make faster, more confident lending decisions at scale.

Published: July 1, 2026 by Lizel Ferrer
Used EV Growth Signals a New Phase of Consumer Purchasing Behavior

The electric vehicle (EV) revolution isn’t slowing down, it’s changing lanes. While recent conversations have seemingly focused on softening demand for new EVs, the used segment has been gaining momentum. According to Experian Automotive’s 2025 EV Year in Review Report, new retail individual EV registrations fell 35.9% year-over-year. Meanwhile, the used retail individual EV registrations grew 25.4% from a year ago. As affordability and growing model availability reshapes consumer behavior, buyers are increasingly turning to pre-owned EVs, which has shown an interesting market divergence that is redefining how consumers are adopting this segment and what it can mean for automakers, dealers, and the overall industry. Key players behind rising used EV demand Notably, Tesla accounted for over half (60.5%) of used retail individual EV registrations in 2025, followed by Chevrolet at 6.4% and Nissan (5.5%). Diving a bit deeper, Tesla made up the top three models of the used individual registrations last year, with the Model 3 coming in at 27.2%, Model Y at 21.7%, and Model S (6.6%). The Chevrolet Bolt EV followed at 4.8% and the Nissan Leaf was at 4%. Tesla’s position as the leading make in the used EV market is a natural extension of its long-standing dominance in new EV sales. The brand’s leadership over the years created a large fleet of vehicles that are now entering the pre-owned market. What the used EV boom means for automotive professionals The growing demand for used EVs can present more opportunities for automotive professionals. Dealers that provide a healthy supply of pre-owned EVs can increase accessibility and play a role in adoption for consumers who are actively looking to purchase, while marketers can emphasize value and ownership benefits. As the market continues to evolve, automotive professionals who understand and respond to these changing dynamics will be best positioned to capitalize on the expanding pool of used EV shoppers. To learn more about EV insights, visit Experian Automotive’s EV Resource Center.

Published: June 30, 2026 by Kirsten Von Busch