
6 Reliable Strategies for Managing Data Breaches

By Josh Young Nov 08, 2016


What is the Cost of a Data Breach?

A 2016 study conducted by the Ponemon Institute examined data breaches at 383 companies spread across 12 countries. The average, worldwide cost for a breach among these companies was $4 million -- roughly $158 for each lost or stolen record.

The figures for the United States are even more troubling with a $7.01 million average breach cost and $221 for each record. Factored into these costs were projections associated with lost business due to reputation damage, diminished goodwill, and increased customer turnover.

The study also determined that 48 percent of security incidents resulted from a malicious or criminal attack, while 27 percent could be tracked to "system glitches" that included IT and business process failures. The remaining 25 percent of incidents were due to employee negligence.


In a separate study, Verizon identified a number of common methods of attack used in data breaches, including:

  • Hacking
  • Malware
  • Social engineering attacks (e.g., phishing emails)
  • Credential misuse (routinely performed by employees inappropriately accessing company systems)
  • Physical theft of electronic devices containing confidential data or passwords

As you can see, the costs of a data breach are high. And cybercriminals aren’t stopping their attacks any time soon. The best thing you can do is prepare. You need to have a plan to respond to a data breach, but just as important is your plan to proactively protect against a cyberattack in the first place.

What Can You Do BEFORE a Data Breach?

1. Identify key targets

More than likely, your business doesn't have an unlimited cybersecurity budget, so it would make sense to place the most protection around your mission-critical systems and data.

Perform an internal audit to identify your key systems and their corresponding vulnerabilities. Consult with outside legal counsel to determine if there are any government security mandates for the particular types of data used by your organization.

Armed with this information, you can create a more effective security architecture that properly isolates important systems and matches security levels to a potential threat.

2. Have a plan

During a breach, your IT staff are probably going to be too busy to draft comprehensive response plans, so you should draft these ahead of time. With your key targets identified, determine routes of likely attack and develop guidelines for each of those possibilities.

Ideally, any plan should identify how to:

  • Contact key cybersecurity personnel quickly
  • Determine the order of importance for protecting information
  • Preserve records for later investigation
  • Determine who should be notified of a breach, including customers or law enforcement

3. Prepare Your Employees

No matter how well-equipped your network systems are to thwart an intrusion, careless employee action can still leave your business vulnerable. In the Verizon study mentioned earlier, 63 percent of confirmed data breaches were the result of either weak or stolen passwords, and a noticeable percentage of employees were still using the default password provided with a device or service.

The study also determined that 30 percent of phishing emails were opened by employees, and 12 percent of recipients clicked on the malicious attachment or link.

To protect your organization, you must thoroughly educate your staff about potential threats and how to avoid them. Provide them with security awareness training to help them spot common social engineering attacks like phishing emails and to make them aware of password safety policies.

What Should You Do After a Data Breach?

4. Collect pertinent information

You should take images of the affected systems, also storing any related logs or records associated with the breach. Encourage your cybersecurity staff to keep handwritten notes during the attack or immediately after. By documenting their actions, you can avoid relying on their fading memories to outline the order of events.
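As an added example (not part of the original post), the helper below shows one way to make the "preserve records for later investigation" step tamper-evident: it hashes every copied log or image file into a manifest that records who collected it and when, and can later report any file whose contents changed. The responder id, file names and log lines are constructed for the demo.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Hash in chunks so a multi-gigabyte disk image never has to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(evidence_dir, collector, note):
    """List every file under evidence_dir with its hash, size, collector and timestamp."""
    entries = []
    for root, _, files in os.walk(evidence_dir):
        for name in sorted(files):
            path = os.path.join(root, name)
            entries.append({"file": os.path.relpath(path, evidence_dir),
                            "sha256": sha256_file(path),
                            "bytes": os.path.getsize(path)})
    return {"collected_at": datetime.now(timezone.utc).isoformat(),
            "collected_by": collector,  # hypothetical responder id
            "note": note, "files": entries}


def verify_manifest(evidence_dir, manifest):
    """Return the files whose current hash no longer matches the manifest."""
    changed = []
    for entry in manifest["files"]:
        path = os.path.join(evidence_dir, entry["file"])
        if not os.path.exists(path) or sha256_file(path) != entry["sha256"]:
            changed.append(entry["file"])
    return changed


def demo():
    """Constructed sample: two copied log files; web.log is altered after collection."""
    d = tempfile.mkdtemp()
    with open(os.path.join(d, "auth.log"), "w") as f:
        f.write("Nov  8 02:14:07 host sshd[411]: Failed password for admin from 203.0.113.5\n")
    with open(os.path.join(d, "web.log"), "w") as f:
        f.write('203.0.113.5 - - [08/Nov/2016:02:15:01 +0000] "GET /wp-login.php" 200\n')
    manifest = build_manifest(d, "responder-01", "copied from affected web server")
    with open(os.path.join(d, "web.log"), "a") as f:
        f.write("tampered after collection\n")
    return verify_manifest(d, manifest)  # returns ["web.log"]
```

Store the manifest separately from the evidence copies (and ideally sign or print it) so that the record of the collection cannot be altered along with the files it describes.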

5. Notify appropriate parties

Currently there are 47 different state statutes regarding who should be apprised of a data breach. Consult with legal counsel to determine which parties need to be notified and the level of information you are required to share.

If necessary, advise the appropriate law enforcement agencies. They can often provide resources that will help identify the origin of the attack.

6. Remain vigilant

According to the Department of Justice, "[m]any intruders return to attempt to regain access to networks they previously compromised." While you may have been able to frustrate or halt a previous attack, you might not have identified all of the methods that the intruder used to access your network.

Continue to monitor for any anomalous activity that might indicate a recurring breach.

Key Takeaway

There are multiple avenues that criminals and hackers can exploit to gain illicit access to your critical business systems, and no protection is foolproof. Take the time now to prepare your technology and staff to discourage future intrusions, and educate your employees on how to identify and respond to potential attacks.

