[BreachExchange] When a Corporate Data Breach Happens: Critical Next Steps for 2019

Inga Goddijn inga at riskbasedsecurity.com
Mon Dec 24 18:29:32 EST 2018


https://www.business2community.com/cybersecurity/when-a-corporate-data-breach-happens-critical-next-steps-for-2019-02152346

Regardless of cybersecurity proficiency, no organization is safe from data
breaches. That’s why it’s critical that every business develops and
documents an Incident Response Plan. Your response plan will outline steps
your organization should take if you suspect data has been compromised. The
quicker your business follows the plan, the better off you will be, and you
will be in position to mitigate the impact the data loss will have on your
business.

Reviewing recent 2018 breaches, you’ll begin to realize that even
corporations such as Marriott
<https://www.fightingidentitycrimes.com/marriott-data-breach/>, Amazon
<https://www.identityforce.com/blog/credit/amazon-us-postal-service-breaches>,
USPS <https://www.fightingidentitycrimes.com/breach-news-summary/>, Google+
and Facebook
<https://www.identityforce.com/blog/data-breach/90-million-impacted-facebook-security-breach>
are susceptible to cybercrime. If fraudsters can infiltrate these large
enterprises, imagine what they can do to small and medium-sized businesses
(SMBs). It’s only a matter of time, and the time to prepare your
organization is *now*.

*Building Your Breach Response Team*

It is critical that key personnel are trained and understand their
responsibilities to effectively respond when a security breach occurs. By
identifying and containing a breach you can save yourself a lot of money.
Establishing an incident response team reduces the cost of a data breach by
as much as $14 per compromised record
<https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=55017055USEN&>.

When developing a data breach response plan, it is crucial that activities
across teams are coordinated diligently to reduce the chances for
unintentional errors.

*IT and Security* personnel should be continuously assessing your company’s
data security gaps and training on how to detect vulnerabilities and apply
necessary security measures. They are also the first responders for the
containment and mediation of a breach. According to the 2018 Cost of a Data
Breach Study
<https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=55017055USEN&>
by Ponemon, companies that identified a breach in less than 100 days saved
more than $1 million compared to those that took over 100 days. A *Legal
Team* may need to work alongside IT depending on the severity of the breach
to identify legal obligations and provide advice.

*Human Resources* will serve as the frontline for communicating with
employees, especially if their personal information was breached. They may
also help equip employees with resources and best practices for further
protecting themselves and their families (both before and after a reported
security incident).

The *Communications Team* is accountable for notifying those impacted, as
well as the press. They must work hand-in-hand with the Legal Team to make
sure communications are timely and accurate, which can help to minimize the
possibility of government-imposed fines from regulations such as GDPR and
PIPEDA.

*Developing a Breach Communications Plan*

As a reputable business, you are responsible for notifying law enforcement,
other affected businesses, partners, employees and customers of the
potential information disclosed. Post data breach communications
<https://www.travelers.com/resources/cyber-security/crisis-communications-planning-for-a-data-breach>
may include explaining how the incident occurred, what information was
compromised, what actions have been taken to remedy the situation, and how
your business intends to protect affected individuals. It’s important to
note that your employees or customers will respond with questions and that
you should be prepared with answers, such as a formal Q&A document. In
addition, be prepared for inquiries to surface via phone calls, e-mails,
social media, and press. Keep your communication honest and timely as this
will help you maintain strong relationships with your customers.

State and federal laws dictate the notification requirements of your
business. Some states require immediate notification
<https://info.digitalguardian.com/rs/768-OQW-145/images/do-your-state-laws-protect-you-the-US-data-breach-heatmap-infographic.jpg>
while others allow up to a 90-day grace period. The chances of litigation
and fines are diminished as your business familiarizes itself with these
requirements. Being timely with your notification also promotes an honest
demeanor, helping protect your business’s reputation and helping avoid
customer turnover.

*Training and Awareness*

For your Incident Response Strategy to be effective, employees should
periodically practice with simulated breaches. If an event does occur,
response team members should be familiar with the processes within the plan
and ready to jump into action. When executing your plan, keep a keen eye on
potential roadblocks and make improvements to the framework with every
rehearsal. By making your Data Breach Response Plan a routine, you can help
your organization be better prepared for an actual breach.

*Proactive Tips for Businesses in Today’s Breach Environment*

*Be Prepared:* Don’t wait until a breach occurs to create your Response
Plan.

*Protect Your Employees, Customers, and Partners:* Arm your business with
identity protection tools as an added layer of defense.

*Practice Makes Perfect:* When a breach occurs, it should not be the first
time personnel are going through your business’ Incident Response Plan.