Data Breach Lessons Learned From the Trenches

By Chris Preimesberger | Posted 2014-08-27

Data breaches, such as those that recently impacted Target, the Internal Revenue Service, Children's Mercy Hospital and many others, are happening with increased frequency. In fact, the security research group Identity Theft Resource Center reported 480 data breaches in the past week in the United States alone. Studies show that companies are attacked, on average, an astounding 16,856 times per year, and many of those attacks result in a quantifiable data loss. Concerns over how to manage data breaches have now moved beyond corporate IT teams to board members and the C-suite, who are no longer exempt from issues arising from a lapse in computer security and data protection. So, what can your enterprise do to minimize damage? Based on eWEEK reporting and Experian Data Breach Resolution's experience servicing some of the largest data breaches to date, this slide show offers 10 lessons from the trenches, with guidance for successfully managing a data breach before, during and after an incident occurs.

  • Everyone Is Vulnerable

    Every sector is susceptible to a data breach, and when cyber-criminals find vulnerabilities, they will use them time and again to attack other organizations in the same industry. Organizations can significantly reduce the costs and reputational fallout by having a strong IT security posture, a chief information security officer (CISO) or outsourced IT consultant, and an incident-response plan. The response plan, similar to a fire drill, should be practiced and backed by a team that includes C-suite executives, IT, legal counsel, forensics, breach resolution providers, public relations and human resources.
  • Listen to the Experts and Follow Instructions

    When an organization employs a collaborative process, the response usually has a much better outcome. That means IT professionals should be actively listening to breach experts, such as forensic teams, breach resolution providers, privacy attorneys, and public relations or crisis communication consultants. After all, these firms walk, talk and breathe data security and data loss every day.
  • Establish a Leader

    It is important that a company's response team have a lean approval chain in place, with key owners and approvers established in advance of an incident. During a crisis, there are often several viewpoints to be considered, but ultimately a decision must be made to move the response forward. For efficiency, one person, or a small group, should be identified as the delegated authority to make executive decisions and articulate questions or concerns quickly up the chain of command.
  • Identify and Vet Partners

    Identifying and vetting third-party data breach partners ahead of an incident is critical to ensuring they understand an organization's business and can engage quickly. Consider pre-breach agreements with partners that include forensics firms, legal counsel, print and call center providers, credit-monitoring services and public relations agencies to ensure greater response alignment and reduce the likelihood of changing partners midstream, which can prove devastating to an organization's response following a breach.
  • Know the Industry and Risks

    To properly prepare for a breach and drive adequate response, companies should ensure that their data breach response plan outlines high-impact incidents based on the type of information they collect, their industry sector and operating countries. Organizations should conduct research and audit how industry peers have handled relatable breach incidents. For example, in the retail sector, organizations should evaluate recent payments breaches and plan for a similar scenario.
  • Investigate First, Talk Later

    Many organizations feel pressured to communicate to their customers as soon as they discover a breach. Don't be hasty and induce panic among consumers, which can lead to poor decisions and crucial mistakes. Instead, when possible, complete the forensic investigation before announcing the breach, so the company can communicate the most accurate information and appropriate remediation steps.
  • Communicate Effectively and Accurately

    Communication to media, regulators, customers and partners is often center stage during a breach response; if done improperly, it could significantly harm a company's corporate reputation. In an organization's outreach to the breach population and key external stakeholders, send clear, honest breach notifications, provide credit monitoring or identity theft protection for customers, and keep an open line of communication.
  • Rebuild Customer Trust

    Don't forget about the people affected by the breach: customers, patients or employees. They aren't just a checkbox on a response plan. Remember, those stakeholders are the most likely to call the media or litigators, or perhaps switch to the competition. Identify the demographics of the company's affected customers to anticipate potential roadblocks. For instance, do the data breach notifications and the call center support multiple languages? A company's response to an incident should keep the customer top of mind.
  • Don't Shun Regulators

    It's in an organization's best interest to develop relationships with regulators before suffering a breach. While customers are a key stakeholder group, communications and compliance with regulators and policymakers at both the state and federal levels should be taken seriously. Developing a meaningful dialogue while engaging them openly and transparently to provide timely answers to any questions they pose is critical to a company's long-term response strategy.
  • Consider Cyber Insurance

    With the growing awareness of data breaches, it is no surprise more organizations are evaluating and investing in cyber insurance, and the number of companies purchasing these policies continues to grow. The 2013 Betterley Report estimates $1.3 billion in annual premiums on cyber and privacy insurance policies were collected by U.S. insurance companies in 2013. Investing in cyber insurance can help organizations reduce the cost of a breach and provide added benefits to a company's security posture via access to data breach experts or other valuable services.