What to Do After a Data Breach – Part 1
January 26, 20182018 Data Backup and Storage Developments
February 4, 2018As discussed in Part 1, every business, large or small, is vulnerable to a cyber attack resulting in a data breach. However, your company can prepare a detailed response plan that will help minimize the damage.
Part 2 will continue by discussing three more steps that can be taken after a data breach: Collect Incident Data, Notify Personnel, and Avoid Hacking Back. Consult with an expert managed IT services firm to formulate a plan that will help protect what is probably your company’s most valuable asset – its data.
Collect Incident Data
Incident data provides important forensic information that can be studied to help prevent and mitigate future cyber attacks through countermeasures. In addition, legal issues may result from a data breach, and so information related to the incident, such as event logs, access, authentication, authorization, network packets, malware, etc., must be gathered and preserved.
Notify Personnel
After a data breach, the team should provide notifications to company management, relevant employees, affected clients and customers, and law enforcement. This procedure, along with the personnel to be contacted, should be described in the data breach response plan. Your company’s compliance and legal teams should provide guidelines for this process.
Regarding internal incidents, reporting them to external third parties is probably unnecessary. However, criminal activity, such as data theft or fraud perpetrated by an employee, may require informing law enforcement as determined by the legal department and executive management. It is important to note that regulatory requirements determine when reporting is required if compromised records are involved.
Avoid Hacking Back
It is strongly advisable that after a data breach, your compromised IT systems should not be used to communicate with (hack back) or penetrate the network of the hackers. In addition to legal questions that may arise from a hack back, this practice is deemed unethical and not in keeping with best practices for cyber security
Many cybercriminals are well financed and technically astute, so communication with them may lead to a more serious attack. It’s smarter to diligently follow your company’s response plan after a data breach occurs, so the attack is prevented from spreading and damage is mitigated.
Alpha Engineering Business Support
Choosing an expert computer technology-support provider is an important decision for your business. Alpha Engineering Associates has been a trusted partner of many companies in the Washington, Baltimore and Annapolis areas since 1990. For affordable client-focused network consulting services and solutions, please call Alpha Engineering Associates today at (410) 295-9500.