Data breach: steps not to take after it
Has your company ever been hacked? Or have you received a notice your personal information or your credit-card number was stolen in a data breach? If so, you’re definitely not alone. The matter of data breach, as it is said, just a matter of time. Take for example dozens of giant companies such as Target, HomeDepot, Neiman Marcus, Yahoo and Anthem, which have suffered huge data breaches with millions of accounts being compromised.
If your company or you’re among the millions of consumers whose sensitive information have already been or may have been exposed in a data breach, here are four steps you SHOULDN’T take if you know your personal information has been compromised.
Keep your head and stick to the predetermined plan
Bear in mind that not only complete unpreparedness to data leak could lead to disastrous consequences for a company but also chaos and panic can be fatal. It has never led to anything good. Don’t freak out and stick to the beforehand prepared response plan. The first step here is to investigate the most likely reason of the incident. Was it caused by a ransomware attack, malicious software intrusion, insider threat or your negligence towards basic security rules? Once you figured out the probable reason, isolate the affected system and immediately eliminate the reason of an attack. Finally, make sure your system is secure.
Don’t work alone and feel free to ask for help from third- parties
If after a thorough internal investigation you are fully confident a breach has taken place, engage third-parties to help you examine the incident and mitigate the consequences. Don’t go it alone. Engage legal counsel, outside investigators, public relations managers and communication experts. All these specialists can help you conduct in-depth investigation, create a counter-attack tactics and communicate to the media. This solid teamwork will help any organization identify the main reason that caused an attack, draw up a plan of action for the future and advice on how to response to affected customers.
Documentation and reports are required
The importance of documenting everything should not be underestimated. This is particularly crucial in case of a data breach. If you create a report on the details of the incident including what systems and what critical data were impacted and which remediation measures were taken, it will be easier to mitigate the risk of data leak further. All results of the examination should be analyzed and documented so they are available at any time. Interview anyone involved and document their responses as well. All this information will help you be fully equipped if a data breach ever happens again.
Don’t use the same technologies again
Once your business has recovered from data breach and all business processes are restored, you cannot think that the same technologies and countermeasures you had in place will be effective any again. They haven’t worked this time what means you have gaps in your security strategy and they are unlikely to ever work. Your data loss response plan should change with constantly evolving cyber threat environment. Close interaction with your IT and security teams is also necessary to develop the best data protection solutions.
No company is immune from a data security threat. Even slight data breach can destroy company reputation and damage its finances. One thing any organization has to do is to have security “Plan B” in place for how to deal with the consequences of an attack. Always remember, a company’s response to these attacks is critical.