CSR Readiness Pro | Readiness Assessment + Breach Reporting

CSR Readiness® Pro

With a bundled privacy assessment solution and data breach reporting service, you can be both proactive and reactive:

The first minimizes your risk of compromised data, and the second protects your reputation and prevents costly fines if a breach occurs.


CSR Readiness Pro helps you manage the lifecycle of personally identifiable information (PII). This comprehensive security suite features two award-winning solutions to prevent data security issues and protect your company if a data breach occurs.

  • CSR Readiness® Privacy Assessment is GAP analytic self-assessment. The initial questionnaire evaluates how an organization handles PII across several knowledge domains. Expert systems then analyze the responses, identify weaknesses, weigh threat vectors, and generate a prioritized remediation schedule for your business. 91% of data breaches are avoidable. CSR Readiness shows you how.
  • CSR Breach Reporting Service™ Should a data breach occur, CSR brings years of ISO-certified experience to bear. Our patented Breach Reporting Service™ determines if your event is reportable. If reporting is required, we analyze the reporting needs of 300+ regulatory bodies and 105 sovereign nations. We ensure compliance with regulatory reporting requirements to mitigate fines and minimize damage to your reputation. If you suspect a breach, you just call the privacy experts at CSR. This service can save your company - many do not survive a data breach. One key factor is a fast, accurate response.

Both solutions are created and implemented by the knowledgeable and trustworthy Certified Information Privacy Professionals (CIPP) at CSR. You can rest easy knowing you have a team of experts behind you, both to prevent security issues and to address suspected data breaches if they occur.

Download the Readiness Pro Product Overview.


A stolen briefcase or laptop. An accidental email. An aggressive phishing scheme. Any of these situations can prompt a devastating data breach. According to the Ponemon Institute, it costs small businesses an average of $690,000 to take care of the situation after being hacked. Invest in CSR Breach Reporting Service today and you can save money, preserve your company’s reputation, and remove hassles and headaches if a breach occurs.

Proactive Protection

According to Small Business Trends, nearly half of data breaches are caused by negligent behavior by an employee or contractor. This situation could have been prevented by taking certain steps.

First, it’s vital that every business institute proper data security policies and protocols, and train all personnel on how to adhere to them. In the case below, a device containing PII should only be stored in a secure physical location. In addition, sensitive data stored on any device should be encrypted to render it useless to anyone without the proper password.

CSR Readiness® Privacy Assessment is an excellent tool for finding security deficiencies like these and alerting businesses to solutions, policy templates, and best practices. Implementing solutions suggested by the CSR privacy experts could have prevented the breach.

Reactive Protection

The example below qualifies as a data breach. According to data protection laws, the business is required to report such incidents to the proper authorities within 24 to 72 hours. Failure to do so would put the company at risk for potential fines and lawsuits, as well as reputation harm and customer turnover.

Unfortunately, during a stressful situation, it can be difficult for small businesses to quickly research the laws and take the appropriate steps within the mandatory timeline.

However, if this business had invested in CSR Breach Reporting Service™, their first step would be to make a toll-free phone call. Then CSR privacy experts would assess the situation, report the incident to the necessary entities, and help the company navigate the sensitive task of notifying individuals whose information was compromised.


  • Self-assessed testing (no risk of failure) and a flexible schedule
  • Risk mitigation tools, including an incident response plan
  • Policy templates and best practices
  • Proof of your efforts to comply with data regulations
  • High-quality online data risk assessment from certified IAPP Privacy researchers
  • 24/7 access to maintain data privacy strength as your organization and regulations change
  • Certification of Completion with an ID StaySafe Trust Shield Program seal for public display

According to the U.S. National Cyber Security Alliance, around 6 in 10 small companies that face a cyber attack go out of business within 6 months—years' worth of of hard work, up in smoke. Invest in the Readiness® Privacy Assessment and begin taking steps to protect your business today.


  • Saves time, money, and stress
  • Translates complex laws and regulations into accessible, actionable information
  • Mitigates your risk of civil and/or criminal penalties due to incorrect reporting
  • Fulfills regulatory breach reporting requirements
  • Provides a key part of your Incident Response Plan
  • Offers a single point of contact to simplify the situation

Breach Example: The Rental Car Break-in. A company executive goes on a business trip and his rental car is broken into. The burglar makes off with a briefcase that he left in the trunk. Inside the case was a thumb drive storing customer records, client contact information, employee PII, and intellectual property.

Employee Training, Encryption

Myth: "Data breaches aren't that common."

For every headline-making data breach involving a large corporation, dozens of breaches at small businesses go virtually unnoticed. In fact, just over half of small businesses reported they had experienced a cyber attack between May 2015 and May 2016, according to Small Business Trends.

The most common attacks reported were web-based attacks, phishing/social engineering attacks, and general malware. The top three root causes businesses reported were negligent employees or contractors, third-party mistakes, and system or operating process errors.

Myth: "Hackers won't bother targeting a small company."

It's easy to feel complacent when your small business flies under the radar and doesn't make headlines -- but that's an error you can't afford to make.

Cyber-attackers do indeed focus on small businesses, for a variety of reasons:

  • Small businesses often don't have the stringent data security procedures and protocols that large businesses do. That makes them an easy target.
  • Small companies can offer a big payoff for thieves. Like larger corporations, they possess valuable information such as financial data and employee PII.
  • In many cases, cyber criminals aren’t taking much of a risk. Only one in every 10 cyber crimes reported by small businesses result in a conviction, according to the United Nations Office on Drugs and Crime.
Data Breach in a Small Business

Specialty T-Shirt Maker in Pennsylvania Incurred $200,000 Loss Resolving Data Breach

After a credit card company informed an online T-shirt business that its customers were experiencing suspicious transactions, the company halted online data collection and contacted a forensic examiner and the Secret Service. No evidence of a breach was found, but a few months later two more card companies alerted the T-shirt company of fraudulent transactions. The worst had occurred: A former senior executive (since deceased) had compromised thousands of customers’ PII. The company spent $200,000 resolving the breach—not counting the lost sales during the time the business couldn’t accept credit card payments.

Channel Partners: Team up with the privacy experts at CSR.

Small businesses purchase flood and fire insurance and install alarms and sprinkler systems in case of emergency. But far too few small companies are adequately prepared to prevent data breaches or deal with the fallout if one occurs. In fact, 75 percent of small businesses do not hold cyber risk insurance or don’t know if their policy covers cyber crimes, according to Small Business Trends.

When you become a CSR channel partner, you can connect your own clients to exclusive privacy solutions. CSR Readiness Pro, which is only available through resellers, delivers a comprehensive program to manage safeguarding of PII as well as reporting suspected data breaches to the proper authorities and individuals.

Along with helping your clients save time, money, and hassles, you will gain exclusive benefits: new revenue streams, diversified product offerings, enhanced customer retention, quality leads, and more. CSR will provide all the training and marketing materials you need. Team up with CSR today!

Your company’s PII is in good hands—and now you can offer your clients the same service. Team up with CSR to benefit your customers, increase your revenue, and attract new clients. Call CSR at 888-294-6971 to find out how to become a channel partner.

Privacy Prime
  • 22 Jan 2018

    Meticulous Equifax Timeline

    Data Breach timeline for Equifax's 2017 Data Breach. One of the most significant data breaches to date.

  • 22 Jan 2018

    2017 Year End Review

    Every year breaches are becoming more prevalent and have a much higher impact then years prior. Take a look at some of the breach reports that it made it on our list.