Preparing for the Unexpected: Data Breaches

Remember those PSAs about drugs and alcohol that were popular in the late 90s and early 2000s? I imagine that in 2019, the same method could be applied to cybersecurity. 

The camera pans to some tech-savvy person, entering the same password that he always uses and perhaps mumbling to himself as he goes. Packages pile up at his door as he enters his credit card number into the internet once again. By the next frame, he’s lost his accounts, his money, and even his identity, shown on a street corner in sunglasses and a trenchcoat. Stay safe online, kids. This could happen to you.

Okay, so that may not be the exact sequence of events when it comes to a data breach. But one thing is for sure: no one is exempt. The goal of healthy cybersecurity is, of course, to prevent breaches before they even happen, but in the words of the Defeat the Breach Coalition, “the possibility always exists that [a breach] will succeed in damaging your systems or stealing your critical data.”

The Expense of a Breach

According to an IBM study, the average total cost of a data breach is $3.86 million, and the likelihood of a recurring breach over two years is 27.9%. The same study puts the average cost at $148 per lost or stolen record. All of the statistics in the study showed an increase over one year, from the size of files breached to the global probability of a breach.

And those numbers account only for the direct costs of the breach, not the recovery of a company’s PR and reputation among consumers. Facebook, for example, has become infamous for how they choose to handle their data, while companies like Target are still reassuring customers after a 2013 data breach.

The reality is that we are incredibly dependent on technology, especially the kind that stores and manages our personal data. Writer and business coach Jason Aten explains that the infrastructure of our everyday tech is “actually quite fragile,” composed of “interconnected pieces of hardware, all of which run sophisticated software code.” And even the most sophisticated software code can still be subject to the craftiness of resilient and knowledgeable hackers.

So yes, no matter how small your business, it could indeed happen to you.

Bracing Yourself

While you should always implement healthy cybersecurity practices, in our interconnected and vulnerable age, it would be foolish not to have an emergency response plan. Unlike the substances PBS warned us about, at this point, we can’t quit the internet cold turkey.

Your company should have an Incident Response Plan or IRP. These are usually composed of a variety of stages, often the responsibility of an Incident Response Team, or IRT. Kroll Cybersecurity recommends an IRT with all the relevant professionals, such as legal counsel, security and information officers, technical leads, HR, PR, and various business experts as needed. IBM reports that in the case of a breach, a well-made IRT can save you $14 per record.

The first thing to determine for your IRT is who has the authority to declare an incident. That way, as soon as an incident is declared, your IRT can assemble. The responsibilities of each team member should be clearly defined and outlined before an incident happens, since tensions and emotions already run high when a breach is identified.

To make sure everyone is well trained, data-breach “drills” are suggested to ensure everyone has their response down pat. Alternatively, Rob Simopoulos, founder of Defendify, tells MyTechDecisions that “many organizations are building bug bounty programs where ethical hackers are hired” to test the true integrity of their systems. If holes are found, they can be patched before a not-so-ethical hacker finds their way in.

Kroll further recommends establishing communication procedures. Where will the team meet? In the event of a breach, is it still safe to use corporate email? Details like that can often go overlooked in the chaos of a cyber-attack. Determining and documenting those details beforehand can make sure that nothing goes unnoticed.

Speaking of documenting, make sure that the IRT and their IRP are outlined in detail and are accessible to the team, but hopefully not to hackers.

Incident Response Team, Assemble!

No one is safe from a cybersecurity incident or even a full-scale data breach. Fortunately, proper preparation means that in the case of a cyber-attack, your team will be ready to tackle the challenge efficiently, minimizing the hefty cost of compromised data and saving the day.