• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Cloud Computing   »   How to deal with a data breach: Preparations and prevention

How to deal with a data breach: Preparations and prevention

  • Posted on:July 2, 2014
  • Posted in:Cloud Computing, Current News, Industry News, Vulnerabilities & Exploits
  • Posted by:
    Trend Micro
0

In the current business environment, data breaches have become all but an inevitability that every company must deal with. Any organization that handles details about their customers, their payment forms or information about the firm itself can become a target for hackers – it's no longer just the large enterprises that are reporting breaches – groups of all sizes in nearly every industry could fall victim to a security incident.

While it is no longer a question of if a breach will happen but when, this doesn't mean that enterprises should wait until hackers infiltrate their systems to take action. There are steps organizations can take to prepare themselves for a breach to ensure they are ready to mitigate the damage before it even happens.

What data does the company have? 
One of the first thing company leaders can do to prepare themselves for a security incident involving hackers is to have a plan already in place as to what they will do when an issue of this kind arises. In other words, administrators and employees should know their responsibilities ahead of time, so that they can react quickly if any suspicious activity is discovered on the network or within their internal systems.

In this spirit, decision-makers should have a full understanding of the data they are housing or interacting with in any manner that could present a valuable target for cybercriminals. Dark Reading contributor Kevin Casey noted that administrators should also know why the company is storing or transmitting this information. If the firm doesn't have a full understanding of its data, a breach could case much more damage.

"That can exponentially complicate matters when a data-loss event occurs – you can't very well determine the consequences and communicate them appropriately if you don't know what was at stake in the first place," Casey wrote. "Assess the kinds of data you have, who has access to it, and why."

Furthermore, knowing what information the company has on hand can also help shape the deployment of added protection. For example, if administrators know they have a database chock-full of customers' account information, they should take steps to bolster the security that is currently safeguarding this resource.

Is the organization compliant with industry regulations?
Another proactive measure is to examine any regulations governing the specific industry the company is in. For example, retailers and e-commerce firms must comply with the Payment Card Industry Data Security Standards, which calls for special protections to be deployed within any business that stores or transmits payment card information. The health sector is beholden to the Health Insurance Portability and Accountability Act, which requires the establishment of a completely secure environment for sensitive patient files. Additionally, financial institutions must be compliant with the Gramm-Leach-Bliley Act in order to adequately safeguard their customers' data.

If a breach occurs and the enterprise is found to be non-compliant with industry standards, they could face legal action and hefty fines. However, if the company prepares beforehand, they can not only avoid these consequences but bolster their security to the level that their industry requires.

Who will the business report to and when?
Casey also recommends having a plan in place as far as reporting the breach. The policy should outline what regulatory body the organization should notify about the security incident and how soon after the breach is discovered this announcement takes place.

Craig Spiezle, Online Trust Alliance executive director and president, noted that the company should also have a plan for alerting other groups and individuals connected with the firm, including partnering businesses, customers or other stakeholders. Casey noted that this measure is akin to having an emergency contact list ready.

Determining when to make these notifications, however, can be somewhat difficult. Spiezle stated that this timetable is different depending on the case at hand.

"With law enforcement or other government agencies, it's usually an ASAP scenario," Casey wrote. "Customers and partners are a tougher call."

Spiezle pointed out that you don't want these groups to find out about the incident from another source. At the same time, it's best to collect as much information about the breach as possible in order to provide an informed explanation of the event.

According to Dallas News contributor Pamela Yip, the best policy when it comes to reporting the breach is to be as open as possible. Although a breach can undoubtedly cause harm to the organization's reputation, it's only made worse when the group waits to make the announcement – especially with its clients.

"If you don't tell customers how they've been victimized, they can't take the necessary steps to protect themselves," Javelin Strategy and Research senior analyst Al Pascual told Yip. "Plus, it looks bad on the business. It reality, it does look like they're holding back."

Being prepared can go a long way toward mitigating this damage, though. When the business has a plan in place as to when it will notify its customers and what it will say, it helps these actions to be carried out as quickly as possible. Taking this approach will not only ensure that the media doesn't have a chance to make the announcement first, but will also help reduce the amount of distrust felt by clients after the fact. 

"Release clear, descriptive and prompt notifications," Javelin Strategy and Research recommended in a report. "Notifications that describe in detail how a breach occurred can bolster and organization's claims that they have corrected the security vulnerability … restoring some degree of confidence among customers."

Related posts:

  1. Samsung Card data breach sparks police investigation
  2. UK crime prevention group criticized for data breach
  3. Cloud security preparations needed for future adopters
  4. Continuous monitoring can help enterprises deal with APTs and similar problems

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.