We’re here to help! Check out our wide range of service offerings to see which options fit best with your organization.
Since 2005, Infolock has assisted hundreds of customers in understanding their data risk posture and improving their data risk management maturity.
From datasheets to DataRAMP, Infolock has all your data risk management resources at your fingertips.
Infolock is a data risk management advisory, consulting, and managed services firm.
We’re here to help! Check out our wide range of service offerings to see which options fit best with your organization.
Since 2005, Infolock has assisted hundreds of customers in understanding their data risk posture and improving their data risk management maturity.
From datasheets to DataRAMP, Infolock has all your data risk management resources at your fingertips.
Infolock is a data risk management advisory, consulting, and managed services firm.
Enjoy quick access to your INSIGHT, SCC, or Managed Services Support Portal.
If you’ve struggled to manage the fallout from a data breach, you know the time to plan for one is not during the crisis, but long before an incident occurs.
A data breach can strain finances, causing lost revenue, increased expenses related to breach response and remediation, and stealing time and focus from business priorities.
A data breach can strain finances, causing lost revenue, increased expenses related to breach response and remediation, and stealing time and focus from business priorities.
A data breach erodes trust, causing customers to seek alternative providers and suppliers, directly impacting your business’s bottom line.
Your organization’s reputation can take a hit, especially if it fails to properly handle the situation or notify those affected in a timely manner.
Companies may face legal consequences for damages incurred by affected parties. One such class action lawsuit recently cost a major wireless provider $350 million in damages.
Data breaches can disrupt your daily operations, leading to decreased productivity and revenue.
A breach could personally affect individuals whose information has been compromised, increasing the chances of identity theft, credit card fraud, financial blackmail, or harassment.
With the negative consequences of a data breach in mind, the eight recovery steps are as follows:
During a crisis like an active data breach response, there will be significant pressure from inside and outside your organization to act decisively, address questions and concerns, limit damage to the organization, and soothe frayed nerves (for customers, partners, investors, employees, and others).
Ensure your own nerves are intact during the crisis by remaining calm and managing your own emotional response, seeking out facts, collecting information quickly and efficiently, not pointing fingers or affixing blame (even when there’s clear evidence of malice or neglect), collaborating with peers and partners, and providing timely and fact-driven updates to senior leaders and other stakeholders which emphasize a prioritized response, discrete actions, and an overarching timeline.
Think of a data breach like a ship taking on water: your first and most important task is to plug the leaks and ensure no additional damage is done. Until you can limit the damage, you will never be able to recover from your data breach.
Consider the example of a retailer that discovered a data breach in its payment systems: they immediately shut down affected terminals, identified the compromised data assets and repositories, isolated the in-scope databases, applications, and servers, changed passwords, and updated detective controls across the network and with third party vendors and suppliers. Their team wasn’t focused on anything else during this phase of the response, just containment. The immediate crisis response was orchestrated by the IR / security team but they required the assistance of the IT team, as well as applications, databases, networking, telecommunications, POS / endpoint operations, and others.
For the incident responders, once they were able to regain immediate situational control, integrate damage reporting from across the organization, and demonstrate no further damage was being caused, they could turn their attention to other priorities.
There is frequently a “perfect storm” of causes and factors involved, and a prioritized action plan is needed to remediate the most pressing problems first. Remember it’s possible that weeks, months, or even years have gone by while the underlying vulnerabilities developed and became entrenched—so it’s neither realistic nor practical to expect everything to be fixed (or fixable) overnight.
Instead focus on the most practical remediation actions that address the greatest risks most quickly, using a step-wise formula:
Want to dive deeper on your recovery strategy? The team at Infolock is available for a 30-minute, no-cost, no-obligation consultation.
There are a variety of free resources available to assist you in creating your data breach response strategy, incident management communication plan, and related incident response procedures:
2900 South Quincy St
Suite 330
Arlington, VA 22206