What to do immediately following a data breach

In the last few years, we’ve seen how devastating data breaches are for companies worldwide. What’s problematic about these is that they’re so common, many others go unreported. If we found it initially shocking back in 2013 and 2014 that places like Target and Sony Pictures could suffer serious data breaches, yet now it is so common that we almost expect to hear about a new breach in the headlines each week.

However this immunity to the shock only leads to complacency. Cyber threats are increasingly on the rise however and businesses should not waver from learning about the new cyber threats nor from finding solutions to prevent data from being compromised. All too often, companies don’t realize they’ve had data stolen until weeks or months later after finding out from law enforcement that their customer data is being sold on the black market, or general financial discrepancies have been reported.

Attempting to recover your data after several weeks usually means you won’t get it back. Your best step is to find out how it happened, how severe the breach was, and how it affects customers, business partners, vendors, and other company stakeholders. Put a response team together to write an official communication that’s transparent about what happened and what you’re doing to make sure a data breach doesn’t occur again.

Steps towards Recovery

ONE) Review your legal obligations with an attorney PRIOR to further communications.

Businesses often rush into notifying stakeholders of the data breach prior to having all the information at hand. While transparency and a fast correspondence may seem like the way to go, Federal and state laws have been created that dictate when and how affected customers should be notified of data breaches. After identifying these obligations, a carefully worded notification should be disbursed as suggested by legal counsel AFTER all the facts have been gathered. Without going into too heavy of detail, stakeholders should be informed of the actions being taken to protect from future data breaches.

TWO) Identify the root cause of the data breach and contain it.

It is important to find the point of entry for the cyber crime through deep forensic analysis. The threat remains until this has been concluded. The vulnerability analysis may involve researching through data capture reports and archived traffic for the cause of the issue. It is recommended at this point to engage an unbiased third-party to further find exactly what data may have been compromised through investigation of incident response and gap analysis.

THREE) Protect the future.

Unfortunately many businesses don’t think about the threat of cyber crimes until after it is too late, resulting in a reaction and not proactively preventing the breach to begin with. If you knew that there was a high possibility that the room behind the door in front of you might have someone with a highly contagious and life threatening disease inside, you likely wouldn’t go inside right? And yet, with the malware and hackers at the ready, we fearlessly open right through that door every time we access the internet! Knowing this, businesses need to develop multi-tiered strategies of protection to limit the likelihood of another data breach in the future.

When looking into data security measures, don’t forget to include taking a look at your employees! Many times, the data breach is a result of a negligent employee not following the guidelines set forth by the company and checking their external e-mails or not using unique passwords thus compromising the security of the company.

Save

Save

Save

Advertisements