Breach Response: Containment, Communication and Remediation

The number of U.S. data breaches reported in 2021 has increased dramatically over the past year. As reported by the Resource theft center (ITRC), there were 1,291 data breaches between January 1, 2021 and September 30, 2021. The volume exceeded 1,108 violations identified during the full year (FY) 2020. It is therefore not surprising that data compromise year-on-year (YTD) increased by 27% Last year compared to FY 2020.

The myth of “too small to fall”

Looking at the above statistics, small to medium-sized businesses (SMBs) may think they are not large enough to be caught on the target of the attackers. But that is not the case. Small and medium-sized businesses suffer from information breaches all the time. B Data Breach Investigation Report (DBIR) 2021For example, Verizon Enterprise revealed that SMBs suffered 263 data breaches in 2021. That was just slightly less than the 307 data breaches experienced by large organizations.

These findings raise an important question. What are some steps that small businesses should take if they suffer from an information breach?

Understanding the violation response

Breakout responses typically focus on three main categories: braking, communication, and repair.

braking

The first thing to do is take a deep breath and understand the extent of the violation. Is it an external factor that informed you or is it something you have identified internally? Ransomware damage is a bit more of a sudden alert than a third party reaching out and notifying you that your systems have been compromised.

Either way, the next thing to do, often in parallel with the first, is to notify your local law enforcement agency. Depending on the state and jurisdiction of your business, there are different laws for reporting data breaches that must be met. As part of this, law enforcement agencies can often assist in investigating the extent of the violation and try to track down the criminals behind the attack.

If your local law enforcement agency does not provide this service, you will need to look into hiring expert advice that will help with identification and containment. This is usually an expensive but necessary service in the event of a serious breach, so something like cyber insurance or an amount set aside can help prepare for this.

communication

The next thing to do is communicate to your customer base that there has been a breach. Many times, businesses fear that they will lose customers if they think they have been hacked. But a data breach should not drown out the organization’s share price – especially not in the long run. Organizations can take action to restore consumer confidence following a security incident. to all Harvard Business Publishing, One way they can do this is by advancing with what they have done to prepare for such an event and explaining how they are making further security improvements for the future. You will not know all the details right away, but early communication is key. They will know that there was a burglary, that it is being investigated and that more details will come. Additional communications can then be sent once it is contained, the amount of data loss is known, and repair and compensation plans are established.

Fix

Finally, steps must be taken to repair the breach. This includes correcting anything that has caused a breach and examining what processes and procedures exist to identify and reduce the likelihood of this happening again. The business should weigh the cost of the breach against the cost of implementing moderation controls. The containment process described above can be costly and time consuming, and can detract from the focus of the business from its primary function for a period of time, resulting in loss of revenue to the organization. So maybe this is even something to consider before you go through a violation.

Beyond prevention

Small and medium-sized businesses can use the three steps discussed above to respond to data breaches. However, before that, they can act to prevent a data breach in the first place. The prevention steps can include things like maintaining an up-to-date inventory of assets as well as ensuring that the systems are up to date with security patches and are securely configured. Users should have multi-factor authentication (MFA) configured as well as receive training in things like phishing attacks to beware of in order to keep the organization secure from potential security incidents. These simple things will help reduce the likelihood of a recurrence of a breach, or if done early, it will help reduce the likelihood of a breach occurring in the first place.

Source

The number of U.S. data breaches reported in 2021 has increased dramatically over the past year. As reported by the Resource theft center (ITRC), there were 1,291 data breaches between January 1, 2021 and September 30, 2021. The volume exceeded 1,108 violations identified during the full year (FY) 2020. It is therefore not surprising that data compromise year-on-year (YTD) increased by 27% Last year compared to FY 2020.

The myth of “too small to fall”

Looking at the above statistics, small to medium-sized businesses (SMBs) may think they are not large enough to be caught on the target of the attackers. But that is not the case. Small and medium-sized businesses suffer from information breaches all the time. B Data Breach Investigation Report (DBIR) 2021For example, Verizon Enterprise revealed that SMBs suffered 263 data breaches in 2021. That was just slightly less than the 307 data breaches experienced by large organizations.

These findings raise an important question. What are some steps that small businesses should take if they suffer from an information breach?

Understanding the violation response

Breakout responses typically focus on three main categories: braking, communication, and repair.

braking

The first thing to do is take a deep breath and understand the extent of the violation. Is it an external factor that informed you or is it something you have identified internally? Ransomware damage is a bit more of a sudden alert than a third party reaching out and notifying you that your systems have been compromised.

Either way, the next thing to do, often in parallel with the first, is to notify your local law enforcement agency. Depending on the state and jurisdiction of your business, there are different laws for reporting data breaches that must be met. As part of this, law enforcement agencies can often assist in investigating the extent of the violation and try to track down the criminals behind the attack.

If your local law enforcement agency does not provide this service, you will need to look into hiring expert advice that will help with identification and containment. This is usually an expensive but necessary service in the event of a serious breach, so something like cyber insurance or an amount set aside can help prepare for this.

communication

The next thing to do is communicate to your customer base that there has been a breach. Many times, businesses fear that they will lose customers if they think they have been hacked. But a data breach should not drown out the organization’s share price – especially not in the long run. Organizations can take action to restore consumer confidence following a security incident. to all Harvard Business Publishing, One way they can do this is by advancing with what they have done to prepare for such an event and explaining how they are making further security improvements for the future. You will not know all the details right away, but early communication is key. They will know that there was a burglary, that it is being investigated and that more details will come. Additional communications can then be sent once it is contained, the amount of data loss is known, and repair and compensation plans are established.

Fix

Finally, steps must be taken to repair the breach. This includes correcting anything that has caused a breach and examining what processes and procedures exist to identify and reduce the likelihood of this happening again. The business should weigh the cost of the breach against the cost of implementing moderation controls. The containment process described above can be costly and time consuming, and can detract from the focus of the business from its primary function for a period of time, resulting in loss of revenue to the organization. So maybe this is even something to consider before you go through a violation.

Beyond prevention

Small and medium-sized businesses can use the three steps discussed above to respond to data breaches. However, before that, they can act to prevent a data breach in the first place. The prevention steps can include things like maintaining an up-to-date inventory of assets as well as ensuring that the systems are up to date with security patches and are securely configured. Users should have multi-factor authentication (MFA) configured as well as receive training in things like phishing attacks to beware of in order to keep the organization secure from potential security incidents. These simple things will help reduce the likelihood of a recurrence of a breach, or if done early, it will help reduce the likelihood of a breach occurring in the first place.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

The MOVEit Zero-Day Vulnerability: How to Respond

The zero-day vulnerability in Progress Software's MOVEit Transfer product is being exploited by the Clop ransomware gang and other copycat cybercriminal groups to expedite...

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)

A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out...

Apple fixed new actively exploited CVE-2023-38606 zero-daySecurity Affairs

Apple released security updates to address an actively exploited zero-day flaw in iOS, iPadOS, macOS, tvOS, watchOS, and Safari. Apple released urgent security updates to...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!