You’ve been breached, now what?

We can usually tell when a call is coming in for our cyber incident response services just from the tone of the voice on the other end of the phone.  A cyber breach is an extremely high-stress situation, and one that many organizations are unprepared for.  So what can you do BEFORE you are breached to minimize the impact?

Think about the type(s) of data you maintain that are most sensitive.  Do you process credit cards, maintain medical records or personal information such as social security numbers for clients or staff?  Most compliances now require that you have a plan in place for incident response to meet the guidelines for protecting this information and notifying the appropriate parties in the event of an incident.

Who needs to be notified?  This is another reason to plan ahead.  You will need to notify the appropriate staff within your organization of course, and if you don’t have the expertise in-house, you will want to contact a firm that provides incident response services as soon as possible to identify the extent of the incident, contain and begin remediation, and to preserve evidence that might be needed in the event of future litigation.  Which brings up another point, you will have outside parties to notify as well, starting with legal counsel (who should have a cyber practice so they know how to best advice you),  your commercial insurer (assuming you have adequate cyber coverage for the costs of the investigation, recovery and possible damages), and possibly public relations if the incident requires public notification and you want guidance on how to be as informative as possible to those affected while maintaining your good reputation.

Hopefully by now you are thinking “wait a minute, if I have been breached, I will already need to know all of that”.  You’re right.  Planning ahead is the only way to know that you have all of the bases covered by knowing what you have to protect, where it is located so you know if it was compromised, who to call, and that you are covered for the unexpected financial hits you are about to take.   Our Incident Response download covers questions you need to ask yourself to confirm if you are prepared.  Do yourself a favor and run through them.