5 Questions to Ask When Preparing for a Data Breach
Yes, you read that right. It’s time for you and your IT team to prepare for a data breach. Why? Because 43% of U.S. firms experienced a data breach in the past year. We’re not saying that your organization will be next. But why put your company — and your reputation — at risk?
It’s time to shift the perception of disaster recovery planning from an action item on your IT team’s white board to a strategic initiative that has the full support of your C-suite. Following are five questions to ask when preparing for a breach — designed to start a productive conversation with your stakeholders about prevention, detection and response.
1) What would happen if our organization experienced a breach?
You might be met with some blank stares after asking this question. And someone may mention a disaster recovery plan that the IT team created in the aftermath of Hurricane Katrina (don’t be surprises if it’s in a binder and has never been tested). But this questions should open up a dialogue about how your organization’s systems work, where your essential data and applications reside, who has access to them, and how they are currently safeguarded.
This is also an opportunity to determine what events or factors would put your organization at risk for a breach. Perhaps you just acquired another company and are in the process of integrating systems. Or you just implemented a BYOD (bring your own device) policy. Both of these merit reevaluating your security and DR plans.
2) How quickly can we detect a data breach?
Speed is essential to prevention of breaches. Case in point — cybercriminals infiltrated systems as JPMorgan Chase months before they were detected. By then it was too late. An estimated 83 million customer records have been compromised, making it the largest security breach in history.
We get it — your IT team is already stretched to the max. Now is the time to get their suggestions as to how they can detect unusual events swiftly without diverting them from other essential priorities.
3) How effective is our response plan?
Without regular testing, there’s no way of know the effectiveness of your disaster recovery and response plans — or if they’re even up-to-date. Review them with the necessary stakeholders to ensure the following:
- All data assets are inventoried, including locations
- Contacts for your disaster response team are accurate and up-to-dates
- A testing schedule with specific dates is in place
- A log of past testing activities is included
4) Do we have effective prevention measures in place?
Review your current prevention measures to see if they are adequate for your business needs. Are they safeguarding all of your critical data and applications? Are they protecting the right assets? If the answer is “no” to either of these questions, now may be a good time to make some adjustments.
5) What role do our employees play in our security efforts?
As we emphasized in our webinar, How to Spend Your Cloud Security Dollar, people, processes and culture plays a significant role in cloud security and risk management. You can invest in the most advanced technology to help detect and prevent breaches. However, if your organization doesn’t promote a culture of security, that technology loses its value. So ask your team for their feedback on the following:
- How does our culture contribute to or hamper good security?
- What was the last time one of our executives discussed the importance of security to our employees and stakeholders?
- Can we provide assurance to our stakeholders that our organization — and employees — are adequately prepared for a breach?