After the data breach: Experts weigh in on the next steps

The majority of companies today are aware that they need to establish and practice good data security measures. Even with strong systems in place, however, almost every organization is susceptible to some form of data breach. Digital Guardian recently published a great article with 30 experts’ tips. Here are some highlights from 5 of our favorites in that post:

What are the most important “next steps” companies should take following a data breach?

“COMMUNICATION: both internal (inform employees and involve everyone able to help, i.e. tech specialist, client service managers, PR & communication team, etc.) and external (direct mailing to the clients, official media release – and, if necessary, also interview to the profile press).

1. Be open and sincere. Admit if the fault was on company’s side and accept responsibility.
2. Provide details. Explain why the situation took place.
3. Make conclusions out of the disaster and describe solutions for affected users. If possible, prepare a special offer for the affected audience.
4. Explain how to prevent similar issues in the future.
5. Invite to dialogue. Involve your clients, industry experts, analysts, media people and general public to the broader discussion about the source of the problem. 

Usually, such approach will allow you not only to minimize the negative impact of an IT security accident, but (when implemented correctly) will show your company as the reliable and transparent partner, which is able to operate correctly even during the crisis situation.”

Oleksandr Maidaniuk
Head of Quality Assurance Solutions
Ciklum Interactive Solutions

 

“To understand the root of the issue. Engineers can use forensics to analyze traffic and instantly determine the root cause of an event, entirely removing guesswork and problem reproduction from the equation. Effective forensics provide these four key capabilities:

• Data Capture: Capture all traffic, 24×7, on even the fastest links
• Network Recording: Store all packets for post-incident, or forensic analysis
• Search and Inspection: Enable administrators to comb through archived traffic for anomalies and signs of problems
• Reporting: Through data capture and analysis, results of investigations are logged and network vulnerabilities are reviewed and analyzed post-mortem.

Perhaps most importantly, forensics solutions capture data 24/7 and automatically analyze all data collected in real time, which means all the data you need for analysis is available at a moment’s notice. Whether the problem with your mission-critical app is across the room or across the world, forensics gives you immediate access to the most detailed analytics available to get to the root cause of an issue.”

Jay Botelho
Director of Product Management
WildPackets

 

“Bring in a third-party IT professional that specializes in incident response and gap analysis. The data breach happened on your current IT provider’s watch, so they have a vested interest in keeping your business, and may not tell you the whole truth. By bringing in an unbiased, third-party specialist, you can discover exactly what has been accessed and compromised, identify what vulnerabilities caused the data breach, and remediate so the issue doesn’t happen again in the future.”

Stephen Ward
Vice President of East Coast USA
Pinkerton

 

“Research your state’s law on whom to notify in case of a breach (sometimes the data subjects, sometimes a government agency), see whether your breach fits the type covered by the law; then check the 4-5 federal laws requiring notification in the event of CERTAIN breaches.”

Robert Ellis Smith
Leading expert on the right to privacy in the U.S.
Publisher of Privacy Journal

 

“Change your password. Immediately, change your password on the affected site/service. If the hack encompasses numerous sites, be sure to change all of those passwords. This process becomes a lot easier if you are using effective password management.”

Darren Guccione
CEO and Co-Founder
Keeper Security

These are just a few tips from professionals on the steps to take after your company has been affected by a data breach. We would love to hear from you – What steps of action would you recommend to an organization that has just been hit by a breach?