Digital transformation has led to many large-scale changes in the way businesses are run. Digitization of data with the help of document scanning services, automation of business processes, integration of Artificial Intelligence and Machine Learning and other advancements have improved workflow and business processes in enterprises. But today, securing sensitive data is a challenge that all businesses face. According to Gartner, cyber security spending will exceed $1 trillion by 2021. The average cost of a malware attack on a company is $2.4 million and the average downtime following a malware attack is 50 days. In 2016, Yahoo disclosed two record data breaches in which 500 million and 3 billion accounts were compromised, respectively. Data breach is not going to end any time soon. Moreover, no matter how strong a business’s data protection measures are, preventing data breach is difficult.
An article from Innovative Computing Systems, a professional services firm that helps health organizations and other entities define and improve a comprehensive IT strategy, suggests eight steps that businesses must consider after a data breach.
- Isolate the virus: The first and foremost step is to identify the affected end points and servers and disconnect them from other systems to prevent malware from spreading further. Do not shut down until the IT security experts have examined the whole system. If it is a ransomware attack, then make sure to update the security software before reloading the data from the backup.
- Get the help of professionals: It is important to ensure that the organization has retained security professionals with expertise that is well beyond mere system administration. Taking measures to prevent data breach without the help of professionals is not recommended. A third-party audit of information systems is strongly recommended.
- Inform the authorities: In case of data breach, the organization should inform 5 authorities. Begin with informing the local police and make it official so that a paper trail can be initiated. The next step is to inform Secret Service which has an Electronic Crimes Task Force to report cyber attacks at www.secretservice.gov. You must also contact the US Computer Emergency Readiness Team in the Department of Homeland Security at www.us-cert.gov. Finally, file a complaint with the Federal Trade Commission (FTC). In case your clients have been compromised, have them visit the FTC’s identity theft sites www.ftc.gov and www.identitytheft.gov.
- Inform clients: Once you have informed the authorities, the next important step is to inform your clients. Discuss with your clients the appropriate measures to protect themselves and their families and let them know about your legal and liability requirements.
- Look for vulnerabilities: Professional security experts can identify and mitigate vulnerabilities that let the hacker into the system. Experts can find out other vulnerabilities that need patching. No network system is impenetrable but with various levels of security, the company will be secure.
- Implement strong security solutions: If you have experienced a data breach then it means that your security systems are not effective. So, after identifying the vulnerabilities deploy security software, hardware and protocols companywide to strengthen cyber security.
- Write an after action report: In case of a data breach, it is important to create an after action report that describes what happened, how the organization recovered, the consequences faced etc. All these events should be documented so that the employees will know where the attack originated, its effects on the company, how to avoid incidents in the future and what the company has done to improve security.
- Retrain your employees: It is important to keep your employees educated about the importance of cyber security awareness and the measures they should take to avoid cyber attacks. If you have an employee whose negligence caused the breach, document this carefully to avoid post-firing lawsuits.
- Examine third party hiring process: Sometimes data breaches are caused by lapses in security by third party contractors. So make sure you choose professional vendors to avoid data breaches. Request all your future contractors to have basic business insurance and this will ensure that the insurance company insures their work.
Cyber threat is growing in sophistication and volume. As everything is becoming more digitized, there are more ways for cyber criminals to harm your company. So in case of a data breach, businesses can consider the above-mentioned tips. Companies should also choose a reliable and professional document scanning company to digitize all data and also prevent cyber threat.