Thought leadership. Threat analysis. Cybersecurity news and alerts.
What to do When Your Company Suffers a Security Breach
Insider and outsider threats are becoming more and more of a problem, as our reliance on technology increases.
At the same time, 30% of email phishing messages were opened without suspicion.
Not to mention, it only took hackers a couple of minutes to infiltrate a system (in 93% of attacks). Within 28 minutes (or less), data exfiltration had been a success in most attacks.
As the Target security breach proves, it doesn't matter how large or small your business is. Cyber security attacks don't discriminate.
Read on to learn what to do when your company has suffered a security breach. How you react and recover from the breach will determine how extensive the financial and legal repercussions are.
Having a response plan is necessary
An effective response plan minimizes damage. Every employee knows what their task(s) is/are. And, because this plan has been practiced several times, they know what to do.
IT starts analyzing the data that's been exfiltrated.
PR begins drafting a statement to the media outlets.
A designated employee (or employees) contact the appropriate law enforcement.
And the US Computer Emergency Readiness Team (US-CERT) or its equivalent elsewhere is notified.
Overall, a formal incident response plan decreases panic and puts your team into action during this stressful time.
What if you don't have a response plan?
So you don't have a response plan in place. Or your response plan isn't as extensive as it should be.
However, you have no time. You just suffered a security breach. What do you do?
You're not alone. This report indicates that only 25% of respondents have a response plan that's across the entire enterprise. Meaning 75% of respondents either don't have a response plan. Or their's doesn't have extensive coverage.
That said, you still have options.
Be as transparent as possible
A security breach puts your business reputation at stake. If the breach isn't handled professionally, you could lose several customers.
To prevent this, go public about the situation and what steps you're taking to mitigate the breach.
This shows to current and potential customers that your business is honest and is doing everything it can to mitigate the damage.
If the hackers exfiltrated personal customer information, let your customers know...IMMEDIATELY. That way, they can call their banks and cancel their credit cards if needed, before the fraud is committed.
Talk to a lawyer
There will be a backlash after a breach. Customers may sue you for damages. You and the hacker(s) may go to court to handle damages and get justice for the breach.
In any case, contacting a lawyer right away is mandatory. He or she will know more about cyber law than you do. And what steps you need to take to protect your business from lawsuits.
Learn from the security breach
Identify how the hackers gained entry. And work to patch up those vulnerabilities. Conduct penetration testing several times per year to see if those vulnerabilities have been taken care of.
Also, put a response plan in place and practice it.
For more cybersecurity information, contact us.
What to do After Suffering a Website Hack
Even if you do everything right to protect your website, there's still a chance that someone can find a way to hack it.
So what do you do after suffering a website hack? It can be difficult to figure out where to start.
You want to be sure to get your site back up and running as soon as possible -- here are five things you need to do ASAP.
1. Scan Your Website
Before you dive into trying to fix the problem, you need to figure out exactly what happened.
Start a scan to assess the damage and figure out where your issue is coming from.
It's a good idea to download some AntiVirus software to make sure that your computer isn't the issue. If the virus is in your desktop or laptop, fixing just your website won't help.
If it's not your computer, scan your website to find the problem. Then move on from there.
2. Change Your Passwords
This seems like a no-brainer, right? But not everyone realizes how important it is to change all of your passwords after a website hack.
You need to change the password for every single access point that your website has.
While you're at it, make sure that your password is strong and is not based on a dictionary word. The longer and more complex, the better. And don't use the same password for every access point -- change it up!
If you're worried about remembering your new passwords after you've changed them, use a password manager to keep them straight.
3. Reinstall Software & Plugins
We know -- this sounds like a lot of work, and probably something you'd rather avoid.
But if you want to be sure that everything malicious has been removed from your site, you're better off removing and reinstalling your software and plugins.
That reduces the risk of a virus sticking around after your cleanup just to hack your site all over again. The last thing you want is a new website hack just after you've cleaned up the old mess.
A fresh installation works wonders.
4. Restore Your Backup
Hopefully, you back up your website often. If you do, restore your latest backup after you've reinstalled all of your plugins.
If you don't have a backup to work with, now is a great time to start over.
Think about it like an important document for work. The smart thing to do is save multiple copies or use an online storage service just in case.
Your website is just as important, so you should take the same precautions.
Use an offsite service to back up your site and test it often!
5. Make Sure Users Aren't Driven Away
How fast do you click away after Google warns you that a site isn't safe?
If Google recognized that your site was hacked, chances are there's now a warning displayed when users try to navigate to your site.
After you've re-secured your website, be sure Google isn't driving away traffic. You can check their guide for how to make sure the 'hacked' label is removed.
After you've completed all of these steps, your website should be ready to go.
The Importance of Cybersecurity Programs
Cybersecurity seems to be a word no one wants to discuss, whether it be an individual or a company. Maybe because no one thinks they are going to get hacked until it happens to them.
However, getting "hacked" seems to be becoming more and more common nowadays. It's about time we take control before it's too late.
Especially owning a business, you must put having the right cybersecurity programs in place at the top of your priority list.
No matter what type of business you run, you are bound to be working with some sort of sensitive information. And, the last thing you want to deal with is getting it stolen and having your customers lose their trust in you.
Cybersecurity programs need to be a crucial part of your business. Let's find out why you need to be protected and the importance behind them.
Hackers don't discriminate
The first thing to know is that no matter what the information may be, nothing is safe.
So, if you run a doctor's office, personal and health records are at risk and if you run a boutique agency, your client's payment and personal records are at risk.
Cyber criminals will try to get at anything that makes them money. This could be in the form of a data breach or stolen credit card information.
Since we use technology for almost everything these days, everyone's information is out there and hackers know this.
All customer data is at risk
Not having the proper cybersecurity programs intact could affect your business both internally and externally. It could hurt both your business and your customers.
Your employee's information could be compromised, but so could your customers which is getting into much bigger problems.
Most hackers look for personal information that leads to identity theft, ransomware, data breaches, and malware. Nothing is going to hurt your business more than having precise personal information like this stolen.
Hiring a cybersecurity services firm is the first step
The first step in putting cyber attacks to a halt is hiring a cybersecurity consultant or company depending on how big your company is.
This investment is going to pay off in the long run and cybersecurity is only going to become more of an issue as our world continues to run online.
Make sure your cybersecurity services company has industry expertise and a proven track record. This entity will set up your cybersecurity strategy unique to your business.
Implement cybersecurity programs into your culture
Once you have a cybersecurity service or consulting team established, it's time to get your employees on board.
It's important to sit down with everyone in the company to let them know the cybersecurity programs that are being implemented and how to abide by them.
You should also inform them on basic best practices like not sharing passwords or personal information, making your passwords unique for every platform, and not clicking on links or attachments from unknown emails.
There are 556 million victims of cyber crime every year and over 1.5 million victims per day. Don't be the individual or business that adds to this statistic.
Taking the precautionary steps by investing in cybersecurity programs is crucial to your business and your clients. Don't be naive enough to think cyber criminals won't find you.
Are you interested in partnering with a firm that will manage your cybersecurity programs and infrastructure and prevent breaches before they occur? The Driz Group will help you get there.
Steve E. Driz, I.S.P., ITCP