The Data Protection Battle, Part 2 - Tend to the Wounded
Updated: Nov 12, 2020
In Part 1 of the Data Protection Battle blog series, we discussed security measures to defend against cyberattacks. But what happens if something slips through? How do you even begin to control and recover from an attack? The following five sections will show how to:
find out what hit you
tend to the wounded systems
handle legal liabilities
communicate to appropriate parties
and move forward.
“After a cyber-attack, 39% of companies reported a decrease in operational capability as their leading complaint. Downtime came in second with 37% of businesses reporting it as the primary effect on their company. It’s reported that 44% of companies estimate that they could lose over $10,000 within just one hour of downtime.”
1. Figure out what happened
After a cyberattack, speed is of the utmost importance. The faster you find out what type of data was affected and how, the faster you can close off your network to further attack. If you don’t have an in-house IT team, reach out to a third-party provider to help investigate. Experts can determine the root of the problem by analyzing traffic flowing in and out of your business.
2. Lock down your systems
The next step in your action plan should be breach containment. Begin by isolating the affected areas and updating/strengthening all your login passwords. You only have control of the situation when you’re sure you’ve removed the attacker’s access to your systems. Use your data backups to continue working and minimize downtime.
3. Consult a lawyer
It is crucial to have legal support after a data breach, especially when sensitive customer or employee data is compromised. Your IT team’s documentation of the internal investigation and recovery steps will be helpful for liability purposes. Legal representatives can also help manage your communication with the affected parties, as described in the next section.
4. Notify affected parties
Prepare for media interest, especially if you are a well-known brand. PR experts can help you to inform customers in a timely, detailed, and sincere manner to limit rumors. Apologize and answer questions honestly, however uncomfortable it might be. It is better to accept full responsibility for the breach and lay out your plan to make security better.
5. Carry out a full investigation
Do a deep dive into your data security plan. We’ll discuss this in more detail in Part 3 (final) of the Data Protection Battle blog series.