Handling A Data Breach And Preventing The Next One
The year 2014 was a record-breaking year for security breaches, according to the cloud security provider Bitglass. The average breach lasted 205 days and cost businesses an average of $5.5 million. This doesn’t include damage to brands or the distress caused to employees and customers.
Are breaches inevitable? Maybe. This doesn’t mean companies can’t fight back. As with any threat, education, prevention, and a response plan can lessen the impact.
Education on Risks & Prevention
Personalize the security training you deliver to employees to include information about how they can protect their data. When it comes to security and data breaches, we are all in this together. Keep this in mind when you review your company’s internal security measures. Don’t limit security to financial accounts; make sure your employees’ information is safeguarded, too. Hackers are just as interested in getting Social Security information from your payroll as they are in invading the corporate account.
Investigate and share resources with your employees to help them stay abreast of personal security issues. Let them know how the company is safeguarding their data, too. Finally, be clear about security procedures. If you allow a BYOD — bring your own device — policy at work, insist that everyone return surveys listing the devices they use (if any) at work. Explain that you are protecting their devices against hackers, who will happily take any personal or financial data from any source.
What to Do if Your Company is Hacked
The first step after you stop the attack is to assess its severity, says Veracode, another cloud security service. Communicate this only to those who need to know, and provide only the amount of information they require. Ideally, you already have some security measures in place and a response plan that you’ve practiced. Now is the time to follow it. Don’t second-guess it or allow someone to overrule it. This isn’t the time to improvise.
Second, if the breach interrupts your services, notify customers who may be affected. StubHub did a great job with this. After hackers broke into customer accounts, StubHub immediately contacted those customers and worked with them to set new account access passwords.
Veracode advises its customers to follow these steps when communicating with the public after a breach:
- Tell customers and media who call that you’re “aware of the situation”
- Explain that your response plan has been launched
- Provide updates
- Don’t speculate on what happened
Bank Technology News praises PNC Bank’s response to customers who contacted it shortly after the Home Depot breach. They were honest about what happened, assured customers their money was safe, and promptly replaced the cards of those who reported fraudulent charges. They did not employ robo-calls, a practice that one security expert says is “even more unsettling from a consumer’s perspective.”
Third, focus on restoring services and leave the forensics to another time. You need to let customers know the services they need will be back as soon as possible. Tell them when they are restored.
Questions to Help Prevent Future Data Breaches
Once you’ve restored security, Security Week suggests reviewing these questions:
- Has too much responsibility and oversight been put to a single person?
- Are the right people involved in security?
- Are we defining all data equally or recognizing the most sensitive data and dedicating enough resources to it?
Security is an ongoing process. Get your team to think like hackers and identify weak spots that may make your company more vulnerable. Stay vigilant and incorporate security into your corporate culture.