Thursday 19 April 2018

How To Respond To A Data Breach? Best Practices To Follow In The First 48 Hours

Imagine you get a call from the office and are told that your cloud data has leaked. The details are scant. For the first few minutes your mind goes blank, and once you recover, the question is what to do now. At this stage, you have no idea how many records were leaked, and it is not clear whether this is a minor incident or something worse is planned against the company. The entire team is scrambling to respond to the attack. You may now attempt many security measures, but they are of no worth, because the truth is that the data is lost.

As data leaks continue to increase in severity and frequency, both cybersecurity and incident response have become topics of board discussion. A new concept of “assume compromise” is being adopted in several large enterprises, where employees have to imagine that the data has been breached. This develops the skills to handle the situation with confidence and to discover practices for responding to a data breach. Many organizations have already planned data breach assessments after experiencing incidents in the past.

Measures Not To Be Taken After Data Breach Occurrence

First, let us examine whether the response to an attack affects customer confidence or the company's bottom line. Unfortunately, Target might become the case study in how not to handle a data leak. The retailer experienced a massive breach of what was disclosed to be up to 40 million customer payment cards. The incident, which occurred in 2013 during the shopping season, could not have come at a worse time.

The attackers had been transferring data for two weeks. The news was revealed by Brian Krebs on his blog after he learned that a bulk batch of stolen payment cards was for sale on the Dark Web. During these days, the affected firm was unable to get in contact with the banks whose payment cards were stolen. Meanwhile, scammers had begun making fraudulent transactions with the card information. A few banks started purchasing the stolen card numbers associated with the breach in order to learn which cards were compromised. Customers around the world were unable to reach Target because of the heavy traffic on its customer service line, and they avoided shopping at the firm's stores.

In the end, Target's quarterly profit fell sharply, by 46%. The organization's CEO and CIO both resigned after facing heavy criticism over their handling of the situation. In addition, Target faced various lawsuits over the incident and settled with customers for $10 million, with Visa for $67 million, and with banks for $39 million to reimburse them for losses associated with the breach.

Data Breach Response in First 48 Hours

The first 48 hours of a data breach are crucial. Only in this window can you take control of the situation and avoid the kind of criticism Target encountered. Organizations should plan the measures they will apply in a data breach. The plan should include roles and responsibilities, required actions, and timelines. To plan for incidents completely, companies need to understand all the different types of personal and regulated data. They should document how intellectual property is protected, with whom it is shared, and who its authorized users are. This helps in crafting a tailored plan against a data breach, because the plan will be based on data type and up-to-date security practices.

Cybersecurity insurance should also be part of the data breach response plan. For example, the Target breach resulted in a direct cost of $252 million, but the company's insurance reimbursement reduced that cost to $162 million. The legal department also plays an important role in planning, based on government regulatory requirements for data security and privacy.

  • In the first hour: When a cloud data breach occurs, a forensic team should be hired immediately. At this stage, the crisis communication plan also goes into action. The entire firm needs to assemble and work as one team. One of the executives should report the case to the FBI or another law enforcement agency.
  • In 2 – 12 hours: This is when the forensic team should determine the scope and root cause of the data breach. Meanwhile, the IT team should focus on patching the vulnerable machines that caused the breach.

Apply CloudCodes And Stay Away From Data Breaches

Why let the problem grow to the point where one has to learn how to respond to a data breach? Avoid such situations by adopting the best cloud service around the world. One such is CloudCodes, which provides CASB solutions that let customers work in a protected way on cloud storage. With this solution, data can be kept safe even in an off-premises environment, and if even a single hazardous activity occurs, a notification is raised immediately, at a very early stage.
