In today’s society, all businesses are at risks of a security breach. Instead of solely being reactive, preventative measures should be adopted, so when a company experiences a data leak, they are prepared for the eventuality and the aftermath.
According to Andrew Avanessian, Executive Vice President of consultancy and technology at Avecto said;
Nearly half of security leaders believe a major security breach will happen in the future, yet the post-breach plan that IT decision makers have in mind is fundamentally flawed. Why? These plans are reactive when they should be proactive.
Every company needs to implement a data breach response plan, to ensure that if or when systems are hacked, the business is ready to deal with the consequences.
Once located, it is essential that the breach is contained, to ensure that all other systems are safe.
Tests should be run to see if any other systems have been effected. Using all the available resources, it is imperative that all leaks are blocked and the issue fully resolved.
The systems should be fixed and procedures established to avoid future attacks. The containment and breach assessment will give a company an insight into what went wrong, so that they can improve system security.
Notify and communicate
The disclosure of information is dependent on the industry and the situation. Some industries, such as the financial, are required to report a data breach within a strict time-frame. Ideally, the data leak should not be communicated to the public until a team has been formed to deal with the breach, it has been contained and resolved. The PR department, local authorities and legal department should then be notified. It should be spoken about in a unified manner, with all employee’s statements coinciding.
Once the breach has been communicated, a team will also have to be available to deal with the repercussions.
Re-examine security measures
After the leak has been resolved and assessed, the long term implications will be confirmed. Certain questions will be posed, such as; Why has the company been targeted? Will it be targeted again and what will that mean for the future? The continued analysis of the breach will give the company some insight into the reason the breach succeeded, giving them the tools to create a remediation plan of how to avoid a future attack of the same caliber. It will also give a business the time to reassess their security systems, and to consider whether they need to invest more heavily in security measures. These systems will also require regular testing to ensure efficacy.
Handle the press
Maintain integrity, be honest and take responsibility. Then propose a solution, tell the press exactly what happened and why, and then release a statement about how future attacks will be avoided.
A company should have a strategy in place before a breach has happened, so that they are prepared. Sophisticated security attacks are serious, but can be dealt with. Unfortunately, the frequency of attacks now means that most businesses will succumb to some kind of data breach. However, if a pro-active strategy is created and adhered to, then an attack can be resolved efficiently and effectively.