The Pound of Cure You Need if Prevention Isn’t Your Plan

AKA “How to Manage a Data Breach Incident”…

Every cybersecurity firm will tell you what Mom did: “An ounce of prevention is worth a pound of cure.” Why doesn’t every business adopt that adage? It is never so true as in cybersecurity. Disaster Recovery Plans, increasingly popular this past decade and now demanded by every executive management team on the planet, were the CIO’s/CTO’s shizzle, and having one meant, “We’re all set.”

No more. Ask your Head of IT and he or she will confirm this: Assuming your disaster recovery plan has you covered “just in case our network gets attacked and we’re compromised” is like saying “We’re insured for the valuables in our home if someone breaks in.” Insurance may replace tangible possessions if someone does break in, but you probably won’t recover everything. Moreover, you lose a sense of peace as you realize it might happen again! New replacement items don’t compensate for the heirlooms you lose in such a breach. Better: ratchet up your home security with a system that would have had robbers running the other way.

So it is with data and operational security: When hackers’ breach attempts succeed, your proprietary data is stolen, leaked, sold, or ransomed. Statistics show those same hackers usually circle back for a second ‘hit’. While a Data Recovery Plan may recover some (occasionally all) of your proprietary data, recovery comes with unavoidable costs:

– Trade secrets … that, used by a competitor, can negatively impact your business revenue for a long time to come while you struggle to comprehend sales losses!

– PII (Personally Identifiable Information) … in your database, now sold on the Dark Web, compromising your own and your employees’, customers’, and vendors’ personal information and, as such, their trust in being affiliated with your firm!

– Confidential communications (internal and external) … seized and leaked, yet meant for recipients’ eyes only!

– Operations, hobbling or coming to a screeching halt … that make doing business with you challenging for customers, then, post-breach, preoccupy you with error-prone catch-up data entry from business you did during the outage!

– Reputation … the relationships you have nurtured over years, which form the foundation of your success, now questioning how irresponsibly you and your firm have handled their data and your operational security, that it could come to this!

Try putting a price tag on any one of the losses outlined above. A better posture to take than “just in case we are breached” is “so that when we get breached sufficiently to be taken down… we have our Disaster Recovery Plan as our fallback.” And when it does occur, here is the pound of cure you need to manage that Data Breach Incident:

Damage Control

Determine what information was taken, which servers were compromised, and what type of information was stored on each compromised server. This information will determine the steps you take to recover from the breach.

Engage a Qualified Cybersecurity Partner

Well-meaning IT folks with no experience in cyber-breaches typically do more harm than good. Cybersecurity specialists with forensic training can identify what damage has occurred and advise you of options for recovery and mitigation.

Immediately Secure your Network and Accounts

Take all affected systems offline, but don’t turn any machines off without consulting the experts you just engaged. Update all passwords and re-key locks at your physical perimeters where operating systems and documents are housed. Bank accounts and credit cards should be frozen from first awareness that a data breach has occurred.

Notify Law Enforcement

Sweeping a cyber-breach incident under the rug is senseless. Many choose to do this in hopes they can lessen the impact of a glaring public eye. Not likely. Best to be succinct and transparent about how your firm is affected, putting your proactive (better late than never) foot forward. To learn what (if any) legal recourse and protection your firm is entitled to, you’re best served by notifying law enforcement. Federal privacy laws for business data and operations are not yet in place, though several states have implemented their own data breach laws. (Refer to the National Conference of State Legislatures for a current list of security breach laws, by state.)

Create a Communications Plan

Inform those who need to know about the breach. Examples: Notifying only patients and their providers of breached health records means their privacy is protected as it should be, and as required by law. Notifying compromised customers and vendors of only the part of their information that was breached (PII, a firm’s financial statements, a customer’s membership details, etc.) is sufficient and will avoid causing unnecessary panic. (Refer to the guidelines provided by the Federal Trade Commission for notifying of a data breach.)

If you have found this to be a lengthy read, just imagine the time-consuming exercise you’d experience with a cyber-criminal breaching your network! You’ve just learned five key need-to-knows about managing a data breach, but I bet you’re wanting a better course to bypass all the drama. Here it is: Engage a right-fit cybersecurity partner and watch your Disaster Recovery Plan gather dust.

Much more rewarding … to pound cybercriminals by using Data Guard365 safeguards. That is what an ounce-of-prevention mindset and moving on this call-to-action will get you!

Data-Guard 365 is an MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide invincible cyber-security for a price point that pays for itself.

www.Data-Guard365.com / (317) 967-6767 / info@data-guard365.com

Christopher Zvirbulis
Chief Commercial Officer, Partner