Disaster Prep 101: What to Do After a Breach (and How to Prevent One)

How to mitigate the damage.

If you’re in the midst of dealing with a data breach, it’s important to understand that you are not alone. In fact, according to a recent NBC News story, the number of data breaches in the US increased by 29% – with 12 million records exposed – in the first half of 2017.

Data breaches can be costly for businesses.

The costs associated with dealing with a cybersecurity incident continue to climb. According to the 2017 Cost of a Data Breach Report from IBM and the Ponemon Institute, the average cost of a data breach in the US is now $7.35 million, up 5% from last year. Enterprises are not the only organizations affected; the hit to small businesses averages $36,000 to $50,000+ per breach, which is enough to put most of them out of action.

The cost per compromised record varies greatly depending on the industry, with highly-regulated sectors such as healthcare and financial services being the most expensive. These fees cover the cost of dealing with the breach itself and legal fees, hiring extra staff for notification and monitoring purposes, and offering identity theft monitoring to individuals or entities that were affected by the breach.

What to do if your company has fallen victim to a data breach?

If you’re in the midst of a data breach, one of the first things that may seem natural is to try to keep the details of the breach quiet for as long as possible. The reality is that this is likely the last thing you want to do when it comes to a serious incident. Withholding this information from customers or clients can spell legal disaster down the road. Below are just a few things that are incredibly important when you’re dealing with a data breach.

• Be transparent – Transparency is key. Be sure to alert affected parties as soon as possible after discovering a breach. This way, you can give those who’ve been affected as much as possible to respond to the situation. While it’s never enjoyable to alert people that their data has been compromised, the sooner you do it and the more detailed your explanation, the quicker they can respond.
• Identify what data was stolen – Before you can truly understand the severity of a data breach, you have to take an inventory of what exactly was stolen. How sensitive the data is will dictate how you go about responding to the incident. To fully analyze what data was compromised, copy all logs from servers and firewalls to a centralized storage device located off-network. Here you can analyze the extent of the breach without worrying about whether the log data is at risk of being compromised.
• Lockdown your network – Once you’ve identified that a data breach has occurred, it’s critical to completely lock down your network for both incoming and outgoing traffic. Apply an access list to restrict both incoming and outgoing data. While this security level may be an inconvenience for some within your organization, it’s often necessary to restrict traffic across your network and determine any weak points that may have been exploited during the breach.

Why wait for a data breach to occur before taking action?

If you haven’t yet been affected by a major data breach, there are several steps you can take to reduce the chances you’ll fall victim in the first place. Below are just a few of the solutions we provide clients when they come on board for any of our managed IT services.

• Implement endpoint security procedures – Your organization must be properly protected with sufficient perimeter security solutions. This typically includes both hardware and software solutions such as firewalls and other endpoint security tools that stop or react to suspicious parties attempting to gain access to your internal network.
• Ensure operating system updates are properly installed – One of the easiest ways for hackers to gain access to your network is through machines that haven’t been updated; patches are often designed to fix various security vulnerabilities that major operating system manufacturers have identified. Ensure your organization is always staying abreast of the latest Windows and Mac operating system updates to avoid leaving your organization vulnerable.
• Employee training – Protecting against data breaches is not something that should ever stop. Organizations must be vigilant, including scheduling regular training regarding the latest malware threats and phishing tactics cybercriminals use.

Interested in a free network assessment from Network Computer Pros?

If you’re unsure whether your organization is properly protected against a data breach, give Network Computer Pros a call today to schedule a completely free network assessment. We’ll analyze your network and perform a series of stress tests to spot vulnerabilities that a hacker could exploit.

Feel free to reach out to us at 954-880-0388 or through our online contact form to learn more about our cybersecurity services.