• Follow us

Internet

After the breach: Six key actions to take

Despite an organisation’s best efforts, with the level of sophistication of today’s hackers and other malicious actors, sometimes a data breach is unavoidable. As a result, all businesses should be prepared for the very real possibility of its data being stolen, held for ransom or manipulated in a way to make it unusable.

The key to surviving a data breach is dealing with it swiftly, effectively and transparently to minimise damage and keep those affected in the know. Here are six key steps that organisations can follow to achieve this and build a stronger, safer network to avoid future breaches.

Contain the threatThe obvious first step in dealing with a data breach is containing the threat. Now that you’ve identified an intruder in your system, it’s time to kick them out and stop them from getting in again. There may be multiple hackers within your system, so be careful to track them accordingly.

Your entire security team needs to be available to assist with this. Identify and secure the main access point – and any additional access point the intruder may have created after gaining initial access.

Identify the vulnerabilityThere are a host of vulnerabilities that could leave your network vulnerable, whether it be a missed patch update, lack of data encryption or even a new type of cyberattack for which your organisation wasn’t prepared. Knowing the source of the threat will show you what you need to focus on in the future. Knowing the nature of the vulnerability, who (or which team) was responsible for it and why it was missed helps you understand where there’s room for improvement.  Getting to the root cause of the attack also will enlighten other organisations about what precautions should be taken in the future. Since the nature of cyberattacks is constantly evolving and the ways in which hackers gain access is never quite the same, this is vital information to share. It is also important that you give your customers and other stakeholders peace of mind by identifying the issue and confirming that you’ve secured it. Determine what was stolen (and how much) The intent behind every data breach is different: not everyone is after Social Security Numbers and email addresses. Alternatively, some hackers may be interested in banking information, electronic health records (EHRs) or in manipulating data for political or economic gain. So, after falling prey to a data breach, it’s important to inventory everything that was stolen or changed. This is essential when you are disclosing the nature of the breach. Knowing what was stolen gives you an idea of what is likely to happen to the data and what precautions victims should take.

Understanding what information from your business is valuable to hackers will also allow you to better safeguard that particular information in the future.  In cases of manipulation (tampering) of encrypted data, identifying the data that was hacked is of the utmost importance. This is not just so organisations can understand the motives of the hacker, but so they can correct their now-corrupted data.

Data manipulation refers to modifying the data in such a way to render it unusable. If you were prepared for a data breach, you’ll have backup data servers in place.  Organisations can recover this information using their backup devices and actually determine how hackers changed the data. Data modification can be used for nefarious activities with the intent to harm a specific individual, such as bloodwork tampering, or unauthorised changes to a no-fly list. Being able to detect unauthorised modifications to encrypted data is essential since the potential danger to personal and public safety is extremely high.  

Announce the breach immediately Although it’s not ideal, be transparent when a data breach occurs. Tell the public, tell your customers and tell your vendors. Whoever is at risk needs to be notified immediately. The GDPR gives European companies and companies that deal with European customers only 72 hours to report a breach after it happens. And forty-eight U.S. states, Puerto Rico, the District of Columbia, Guam and the Virgin Islands all have legislation requiring that individuals be notified if personally identifiable information (PII) has been put in jeopardy because of a data breach. Offer your customers recourse It’s standard procedure for organisations to offer customers one to two years of credit monitoring services if their data has been compromised. In 2017, the state of Delaware introduced new legislation that stated a breach of 500 or more individuals requires that the affected organisation purchase credit monitoring services for their affected customers.

Don’t just comply with government legislation when determining how much to offer your customers and employees affected by a data breach. Rather, go big when providing your customers recourse. History tells us that data breaches can lead to major distrust of the affected brand. Take Target’s 2013 data breach, for instance: its sales fell 46 per cent the following quarter. Providing immediate support for your customers – and admitting that you have an obligation to make this right – can mitigate a fall in sales and loss of trust. 

Make sure it doesn't happen again Today, one data breach is hardly forgivable. Suffering multiple data breaches in a short span of time is a recipe for disaster and could even mean the end of your business. According to a Dark Reading report from 2017, 66 per cent of small businesses would either go out of business or shut down for at least one day if they suffered a data breach. In another report, 76 per cent of those interviewed said they would stop using a company that suffered more than one data breach.  It’s important that you do everything in your power to prevent a data breach from happening again. After all, you are now a target. You have sent a message to the hacker community that you are lax when it comes to security. It’s time to recreate your image as a company that takes data security very seriously or suffer the consequences. 

Whatever led to the vulnerability will require you to examine your business processes and modify your security operations procedures. It’s also vital that you re-examine all of your security processes. Is your threat detection software doing its job? Is your data encryption sophisticated enough for your organisation’s needs? Do you have a security-first mentality within your organisation? Address all of these questions and respond accordingly.

Jeff Harrell, VP, product and marketing, ZettasetImage source: Shutterstock/Ai825

Read More



Leave A Comment

More News

TechRadar: Internet news

The Samsung Galaxy Fold just changed the future 2019-02-20 20:04:54The Fold is too expensive, weird and thick for the mainstream… but this is just the beginning.

Best security camera: keep an eye on your 2019-02-20 19:53:36We've collected together all of the best smart security cameras for keeping your house safe when you're not around.

YouTube TV: Everything you need to know about 2019-02-20 19:42:38Watch out cable, YouTube TV is here to liberate the contract-bound masses. Here's everything you need to know.

Best running headphones 2019: our top 10 choices 2019-02-20 19:17:39From tarmac to trail, the best running headphones will keep your tunes going right up to the finish line.

Best Samsung Galaxy S10e pre-order plans and prices 2019-02-20 19:14:50Samsung's Galaxy S10e is supposedly its more affordable offering, but you can save even more with these plans

Best Samsung Galaxy S10 Plus pre-order plans and 2019-02-20 18:50:12The larger of Samsung's Galaxy S10 phones obviously costs the most, so here's how you can nab it for less.

Samsung's new Galaxy Fit and Fit E are 2019-02-20 18:47:15If you're going to release a fitness tracker these days, you need something exciting... but only the price might attract you.

Best Samsung Galaxy S10 pre-order plans and prices 2019-02-20 18:36:04Samsung's latest flagship will no doubt be its best to date, and here's how you can ensure you get your hands on it.

Remote code execution vulnerability discovered in WordPress 2019-02-20 18:31:48Researchers have discovered a critical flaw that could allow hackers to gain complete control over a user's WordPress blog.

Samsung Galaxy S10 Plus vs Samsung Galaxy Note 2019-02-20 18:20:13The Galaxy S10 Plus has a screen the same size as the Galaxy Note 9, but what else is similar?

Best Samsung Galaxy S10 outright prices in Australia: 2019-02-20 18:14:28Samsung's next flagship series, the Galaxy S10, has been revealed – here's how you can secure your pre-order.

Here's everything that launched at Samsung Unpacked 2019 2019-02-20 17:25:39Samsung just announced a huge number of new devices, so we've rounded up the info you need on them all right here.

Latest ITProPortal news

Microsoft opens first African cloud regions 2019-03-07 08:00:42Azure comes to Africa with opening of new South African facilities.

Huawei is suing the US government 2019-03-07 07:00:04"Unlawful" restrictions will be challenged in court.

Transparency outside and inside an organization made clear 2019-03-07 06:00:53Staying transparent and reliable for several decades is a serious competitive advantage not only for a software development company, but for any compa

UK consumers don't care where their data is 2019-03-07 06:00:47When it comes to storage, UK users are happy to pass the buck, survey finds.

Overcome legacy methods by adopting a product mindset 2019-03-07 05:30:49In this article, I’m going to outline the essential parts of a product-driven process, whilst bringing it all to life with a something my team a

After the breach: Six key actions to take 2019-03-07 05:00:00Here are six key steps that organisations can follow to achieve this and build a stronger, safer network to avoid future breaches.

The concept of "mirroring" in marketing - What 2019-03-07 04:30:11Companies that manage to hire this perfect, empathetic sales person see a huge boost to the bottom line.

The real possibility of extortion attacks on OT 2019-03-07 04:00:54The arrival of IIoT and OT means delivering a new set of digital vulnerabilities that are in danger of being underestimated in the same way consumer I

European "AI startups" aren't actually using AI 2019-03-06 09:00:36Nearly half of firms fail to employ AI despite extolling its virtues.

Mobile malware attacks double in 2018 2019-03-06 08:00:48Kaspersky Lab report finds smartphones facing greater security risk.

Massive SPOILER vulnerability affects Intel CPUs 2019-03-06 07:00:35New security worry comes months after major Spectre flaw.

UK police urged to embrace cloud 2019-03-06 06:00:24Citrix study finds vast majority of forces could benefit from migrating off-premise.

Nouvelles Internet

Des pirates iraniens ont fait des centaines de 2019-03-06 17:00:00Des pirates iraniens ont mené depuis deux ans des cyberattaques contre des milliers d'individus et plus de 200 entreprises à travers le

Les élus démocrates veulent rétablir la neutralité de 2019-03-06 15:27:00Les élus démocrates au Congrès américain ont dévoilé mercredi un projet de loi visant à rétabl

À 30 ans, le web est-il devenu un «monstre 2019-03-04 07:01:00Le World Wide Web fête ses 30 ans en mars, mais les fake news et réseaux sociaux retardent son entrée dans la maturité

YouTube bloque les commentaires sous la plupart des 2019-02-28 16:20:00Après avoir déjà supprimé des millions de commentaires suspects accompagnant des vidéos d'enfants, YouTube a d&eac

Données personnelles: une enquête visant Facebook à New 2019-02-28 15:50:00Facebook faisait face jeudi à un nouveau front juridique : un régulateur new-yorkais a ouvert une enquête sur la façon

Attaques massives contre les noms de domaine internet 2019-02-22 17:37:00L'internet mondial est actuellement visé par une vague d'attaques informatiques d'une ampleur inédite, qui consistent à modifi

YouTube encore impliqué dans une polémique de pornographie juvénile 2019-02-21 15:08:00YouTube (Google) a assuré jeudi avoir retiré des millions de commentaires et supprimé des comptes visiblement utilisés par

Fausses nouvelles: les géants du web sommés de 2019-02-20 16:45:00Un comité international de parlementaires souhaite que les dirigeants de certaines des plus grandes entreprises mondiales de médias num&

En «guerre» contre la pornographie, le Bangladesh bloque 2019-02-19 08:42:00Les autorités du Bangladesh ont bloqué près de 20 000 sites internet dans le cadre d'une « guerre » c

Nouvelle-Zélande: vers une taxe pour géants du web 2019-02-18 13:23:00Le gouvernement néo-zélandais a annoncé lundi la création d'une nouvelle taxe visant les géants de l'internet, te

Amazon visé par une enquête autrichienne pour abus 2019-02-14 07:24:00L'autorité autrichienne de la concurrence a annoncé jeudi l'ouverture d'une enquête pour abus de position dominante contre Amaz

Une entreprise chinoise a détourné des données internet 2019-01-31 18:13:00Une entreprise de télécommunication chinoise a secrètement détourné le trafic internet canadien vers la Chine, a ac

Dev Pro

Samsung Revamps Flagship Phones With 5G, Low-Cost Options 2019-02-20 22:09:00Samsung Electronics Co. debuted its most extensive new lineup of smartphones, taking on Apple Inc. amid a slowing market with new low-end and premium

Samsung Launches $1,980 Galaxy Fold Phone That Turns 2019-02-20 21:30:00Samsung Electronics Co. unveiled a $1,980 smartphone with a foldable screen, a dramatic shift in the mass market for phones.

Samsung Galaxy S10 Versus IPhone Xs Max: How 2019-02-20 21:11:00Having a family of three devices has become a trend, and in many ways the S10e, S10, and S10+ are Samsung’s answers to Apple’s iPhone XR,

Apple Is Said to Target Combining IPhone, IPad, 2019-02-20 18:41:00Apple Inc. wants to make it easier for software coders to create tools, games and other applications for its main devices in one fell swoop -- an over

Microsoft Says Russian Hackers Targeted European Think Tanks 2019-02-20 17:39:00The U.S. company said it was “confident” that attacks targeting employees of organizations including the German Council on Foreign Relatio

Google's On-Prem Data Center Software for Hybrid Cloud 2019-02-20 17:02:00Configuration management added in latest version of Cloud Services Platform, which differentiates by being able to run on customers’ existing ha

How Energy-Assisted Storage Is Being Put to Work 2019-02-20 15:48:00Vendors are tapping energy-assisted recording storage to overcome HDD capacity/size limits.

Too Much Data? Copy--or Copy Data Management--That 2019-02-20 14:46:00Actifio's copy data management solution is designed to mitigate the storage and security concerns of copy data.

Disaster Recovery Appliance Speeds, Simplifies Recovery 2019-02-20 02:25:00Arcserve's disaster recovery appliance allows companies to quickly restart applications in the event of disasters and consolidate various methods of

Deep Packet Inspection Powers New Industrial Systems Security 2019-02-19 17:39:00Nozomi's SCADAguardian uses deep packet inspection against tables of known malware behavior, as well as pattern recognition and relationship observat

The Most Mindnumbing of Office Tasks Made One 2019-02-19 17:20:00Global spending on robotic process automation software was estimated to reach $680 million in 2018, up 57 percent from the previous year, and is on co

China Abandons Cybersecurity Truce With U.S., Report Says 2019-02-19 16:52:00A slowdown in Chinese hacking following the cybersecurity agreement Obama’s administration secured in 2015 appears to have been reversed, cybers

TechCrunch » Enterprise

Clari platform aims to unify go-to-market operations data 2019-03-06 09:00:29Clari started as a company that wanted to give sales teams more information about their sales process than could be found in the CRM database. Today,

Matterport raises $48M to ramp up its 3D 2019-03-05 12:05:55The growth of augmented and virtual reality applications and hardware is ushering in a new age of digital media and imaging technologies, and startups

SurveyMonkey acquires web survey company Usabilla for $80M 2019-03-05 09:00:09SurveyMonkey announced today that it has acquired Usabilla, an Amsterdam-based website and app survey company, for $80 million in cash and stock. Zand

Salesforce releases myTrailhead, a customizable training platform 2019-03-05 08:00:10Salesforce has been using the notion of trailblazers as a learning metaphor for several years, ever since it created Trailhead, a platform to teach cu

Can predictive analytics be made safe for humans? 2019-03-04 13:44:40Massive-scale predictive analytics is a relatively new phenomenon, one that challenges both decades of law as well as consumer thinking about privacy.

Scytale grabs $5M Series A for application-to-application identity 2019-03-04 10:33:34Scytale, a startup that wants to bring identity and access management to application-to-application activities, announced a $5 million Series A round

Rackspace announces it has laid off 200 workers 2019-03-01 16:42:03Rackspace, the hosted private cloud vendor, let go around 200 workers or 3 percent of its worldwide workforce of 6,600 employees this week. The compan

Open-source communities fight over telco market 2019-02-27 18:36:02When you think of MWC Barcelona, chances are you’re thinking about the newest smartphones and other mobile gadgets, but that’s only half t

Box fourth quarter revenue up 20 percent, but 2019-02-27 17:09:52By most common sense measurements, Box had a pretty good earnings report today, reporting revenue up 20 percent year over year to $163.7 million. That

Compass acquires Contactually, a CRM provider to the 2019-02-27 13:01:44Compass, the real estate tech platform that is now worth $4.4 billion, has made an acquisition to give its agents a boost when it comes to looking for

Threads emerges from stealth with $10.5M from Sequoia 2019-02-27 09:05:43The rapid rise of Slack has ushered in a new wave of apps, all aiming to solve one challenge: creating a user-friendly platform where coworkers can ha

New VMware Kubernetes product comes courtesy of Heptio 2019-02-26 11:00:17VMware announced a new Kubernetes product today called VMware Essential PKS, which has been created from its acquisition of Heptio for $550 million at


Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.