Blog

What NOT to do after a data breach

What NOT to do after a data breach
Breathe deep, reduce anxiety, and avoid these 9 things

It’s an IT department’s worst nightmare: Your business has been hacked by a third party that has accessed your sensitive, confidential data. And often, by the time you discover it, a breach is well underway: US companies take an average of 221 days to detect a breach, according to a 2018 study. So what do you do? Well, it turns out that knowing what not to do is just as important—because, even with the best of intentions, your team could accidentally make the situation much worse. Here’s what to avoid in the event of a cyberattack.

Don’t panic!

Step back, take a deep breath, and evaluate the situation. Inform management immediately. Calmly present them with as much information as you have about the breach and discuss next steps.

Don’t react without a plan.

OK, so your team is freaked out, and they want to start fixing everything they can get their hands on as fast as possible. Tell them to hold tight, refer to the emergency plan and procedure guide that maps out who is responsible for what, and make sure they document every action they take as they go along. (Oh, and make sure you have one of those guides prepared in advance, and regularly update it when you have staff changes.) Get your project manager involved if it’s appropriate.

Don’t hesitate to hire an external cybersecurity team.

Many SMBs don’t hire external security services because it’s not in the budget. But if a breach is so bad that your business could go under, it’s worth the investment. Get management to approve a line item in the annual budget for this—money you hopefully never have to spend. Interview and select a cybersecurity vendor before a breach happens so you have one in the wings in the event of an emergency.

Don’t keep quiet.

It may be tempting to only share data breach information to upper management or to staff on a need-to-know basis. But the entire company should be informed, as well as vendors and customers who might be affected as well. That said, they will freak out too, and have a lot of questions that will take up a lot of your time, so don’t say anything until your mitigation plan is already mapped out and rolling along.

Don’t sugarcoat the situation.

Be honest about what happened. Transparency is key (even if your PR team tells you otherwise). Along these lines, proactively contact key vendors and customers and be sure to arm your customer service team with detailed information so that they can best help your customers (and you won’t lose them in the long run).

Don’t neglect your cybersecurity regulations.

Every state has different security breach notification laws, so no matter where you’re located, chances are good that you will have to report a breach to the local authorities. Skipping this step could result in fines or worse.

Don’t rush.

Your team is probably working around the clock, and they may be tempted to knock out and close tickets quickly because it looks like you’re making progress (and pleases your project manager). But every fix needs to be checked and triple-checked after a breach, even if it slows things down.

Don’t skip the post-mortem.

The crisis seems to be over (you hope). It’s not time to go back to business as usual yet. At the end of the remediation process, it’s important to learn from your mistakes and improve security in the future. This could involve investing in additional cybersecurity products or software, and restructuring your IT to increase protection for the most sensitive data (such as separating customer data from systems used for email).

Don’t forget to train your employees.

Employees are the weakest link in cybersecurity breaches. Once things have settled down, implement (or revise) your all-staff cybersecurity training with the knowledge you’ve gained from this breach.

used with permission from HP Tech@Work

Gizer Gedik

Marketing

Recent Posts

Shared Mailbox vs. Regular Mailbox in Microsoft Exchange

Microsoft Exchange provides multiple ways to control email communication in a business. Shared Mailboxes and…

2 days ago

Remote Work Rising: The New<br>Way We’ll Work

Remote working was once a niche specialty, only used by tech-savvy and freelancers. But in…

2 days ago

The Role of Print Servers In<br>An Organization

While we live in a digital age, print is still a staple for many businesses.…

2 days ago

Implementing Anti-Spoofing Rules for Email Protection

Increasingly, email communication is playing a pivotal role in business operations, facilitating collaboration, customer engagement,…

3 days ago

The Comprehensive Benefits of MSP Management for Servers, Exchange, O365, VPN, and Networks

As the digital landscape evolves, businesses of all sizes face the challenge of managing complex…

3 days ago

Cost-Benefit Analysis of On-Premises Network/Server Infrastructure vs. Azure-Based Cloud Infrastructure

In the evolving landscape of information technology, businesses constantly seek the most efficient and cost-effective…

3 days ago