Thought leadership. threat analysis, news and alerts.
What to do When Your Company Suffers a Security Breach
Insider and outsider threats are becoming more and more of a problem, as our reliance on technology increases.
At the same time, 30% of email phishing messages were opened without suspicion.
Not to mention, it only took hackers a couple of minutes to infiltrate a system (in 93% of attacks). Within 28 minutes (or less), data exfiltration had been a success in most attacks.
As the Target security breach proves, it doesn't matter how large or small your business is. Cyber security attacks don't discriminate.
Read on to learn what to do when your company has suffered a security breach. How you react and recover from the breach will determine how extensive the financial and legal repercussions are.
Having a response plan is necessary
An effective response plan minimizes damage. Every employee knows what their task(s) is/are. And, because this plan has been practiced several times, they know what to do.
IT starts analyzing the data that's been exfiltrated.
PR begins drafting a statement to the media outlets.
A designated employee (or employees) contact the appropriate law enforcement.
And the US Computer Emergency Readiness Team (US-CERT) or its equivalent elsewhere is notified.
Overall, a formal incident response plan decreases panic and puts your team into action during this stressful time.
What if you don't have a response plan?
So you don't have a response plan in place. Or your response plan isn't as extensive as it should be.
However, you have no time. You just suffered a security breach. What do you do?
You're not alone. This report indicates that only 25% of respondents have a response plan that's across the entire enterprise. Meaning 75% of respondents either don't have a response plan. Or their's doesn't have extensive coverage.
That said, you still have options.
Be as transparent as possible
A security breach puts your business reputation at stake. If the breach isn't handled professionally, you could lose several customers.
To prevent this, go public about the situation and what steps you're taking to mitigate the breach.
This shows to current and potential customers that your business is honest and is doing everything it can to mitigate the damage.
If the hackers exfiltrated personal customer information, let your customers know...IMMEDIATELY. That way, they can call their banks and cancel their credit cards if needed, before the fraud is committed.
Talk to a lawyer
There will be a backlash after a breach. Customers may sue you for damages. You and the hacker(s) may go to court to handle damages and get justice for the breach.
In any case, contacting a lawyer right away is mandatory. He or she will know more about cyber law than you do. And what steps you need to take to protect your business from lawsuits.
Learn from the security breach
Identify how the hackers gained entry. And work to patch up those vulnerabilities. Conduct penetration testing several times per year to see if those vulnerabilities have been taken care of.
Also, put a response plan in place and practice it.
For more cybersecurity information, contact us.
Steve E. Driz, I.S.P., ITCP