[BreachExchange] Dealing with data breach

Audrey McNeil audrey at riskbasedsecurity.com
Tue Jun 21 10:10:25 EDT 2016


http://utilityweek.co.uk/news/dealing-with-data-breach/1253262#.V2Gh-NUrLC0

Over the last 5-10 years, companies across all industries have experienced
cyber breaches on a fairly consistent basis, with hackers pursuing data for
the sake of profit. Typically, data such as names, addresses, bank and
credit card information has been targeted in order to commit fraud.

Last year utilities companies were ranked the highest risk industry for
data breaches. For example in 2015, British Gas suffered a data breach
where 2,200 customers’ email addresses and account passwords were posted
online.

Increasingly, there appears to be a hierarchy among hackers—a contest of
sorts—with status measured by the size, scale and impact of the hack.
Companies need to assess their abilities to prepare for and respond to data
breaches.

In the past, a utility company’s response to a breach would begin with the
discovery of an incident. At this stage, the extent of the breach and any
specifics as to what information was taken might be unknown. Insurers,
outside counsel and investigators would likely be involved as soon as
possible to find out what type of information was compromised, when it was
taken and how quickly the leak could be stopped.

The breach landscape is, however, changing rapidly, and savvy legal and IT
teams are now looking for more than just one-off breach responses. Instead
they are looking to partner with experts that can handle a breach from
initial detection through any resulting litigation—and offer adjacent
services, such as proactive information governance—to help both reduce the
risk of a data breach and minimise the damage if one does occur. Similarly,
even after a data breach, that partner may offer services to efficiently
and effectively handle any litigation that arises from the breach,
including eDisclosure services, forensics and collections, document review
and processing and production. Utility companies can face lawsuits from
consumers and shareholders, as well as regulatory fines and potential loss
of clients and reputation. As the breach runs through its life cycle,
litigation may arise—depending on factors such as the size of the breach,
the company and consumers involved, and the nature and scope of what was
taken or compromised. In the event of litigation, an organisation will
require an eDisclosure service, which enables it to efficiently manage the
collection, processing and review of electronic documents and
communications. An experienced eDisclosure service provider will use
technology to perform automated searches on collected data to determine
relevance to the case at hand. Utilising technology not only speeds up the
eDisclosure process, but it also helps manage the cost of the exercise.

With the help of its service provider, the organisation will need to prove
to the regulatory authorities that it had systems in place to minimise the
risk of a breach in the first instance by demonstrating that it had
established, well-communicated corporate policies as to data loss
prevention and any associated auditing procedures. It will also need to
show that it had no advance knowledge of potential threats and that it
responded with timely and adequate notice post-breach.

Document review is integral to this process, involving in-depth evaluation
of the relevant communications. In data breach litigation, this process can
be exhaustive, with large bodies of documents needing to be reviewed for
relevance by trained experts in very short periods of time. In this
scenario, an outsourced solution for document review—with secure
facilities, tested training methodologies and review workflows—is essential.

Recent rises in the volume of high-profile data breaches within the
utility industry have put the threat of malicious hacking in the
spotlight, raising fears of regulatory punishment and severe damage to
corporate reputation. Organisations need to take control of the whole data
breach cycle, working with information governance experts to take a more
proactive approach to prevention and developing a more holistic, end-to-end
response in the case of detection. As hackers become more sophisticated and
less predictable, organisations are increasingly engaging with experts to
counter the threat should it arise.