The recent pandemic has tremendously and forever changed the business landscape. In light of the changing professional and personal work expectations, businesses now face a completely new set of operational challenges. The challenges have accelerated rapidly since the pandemic began.
The digital revolution has also given rise to an evolving threat landscape. Cybercriminals are using this opportunity to target businesses by attempting to access the personal information of their customers and employees. The threat is significant – It is estimated that a business will fall victim to a ransomware attack every 11 seconds by 2021.
Here are a few more predictions that may occur in the coming years:
- Skimming isn’t new but the next frontier is an enterprise-wide attack on a national network of a major financial institution, which can cause millions in losses (Experian)
- A major wireless carrier will be attacked with a simultaneous effect on both iPhones and Android, stealing personal information from millions of consumers and possibly disabling all wireless communications in the United States (Experian).
- A cloud vendor will suffer a breach, compromising the sensitive information of hundreds of Fortune-1000 companies (Experian).
- The online gaming community will be an emerging hacker surface, with cybercriminals posing as gamers and gaining access to the computers and personal data of trusting players (Experian).
A Data Breach is Inevitable
A data breach is thus inevitable, every business must take step to have a strong and robust breach response plan. However, considering response time is also important. The longer a business takes to respond to a breach, the more challenging it becomes for them to maintain its reputation and the trust of its customers.
- The average time to identify a breach in 2020 was 228 days (IBM).
- The average time to contain a breach was 80 days (IBM).
Here are five factors to consider when developing a response plan to ensure your business is in a strong position to respond confidently and effectively when it falls victim to a data breach.
1. Be prepared
Financial services have long been the prime target for cyber criminals, but today businesses of any type or size are vulnerable – especially with the rapid acceleration of e-commerce and online transactions.
Being prepared means you have the resources to respond quickly and to notify all relevant parties if a breach is discovered, but a response such as this is only possible with extensive planning.
Consumer research from Experian found 90% of people would be more forgiving of companies that had a response plan in place, while nearly 70% said they would stop doing business with a company that displayed a lackadaisical attitude to data security – a strong indication of the importance of having a plan in place.
2. Create a plan
Businesses need to consider the type of data it holds and identify where potential attacks may occur.
The plan should set out how to investigate and resolve any breach, how to notify customers and any relevant authorities, and how to communicate with the wider public too. Preparing materials and communications in advance will help deploy them quickly while understanding what resources will be required to contact potentially thousands of customers will need to be considered.
3. Build a response team
It is vital to assemble a data breach response team well in advance to deal with a potential breach as efficiently as possible. This team comprises of the following:
- The incident lead – They determine when a full response is to be activated. They also coordinate the overall response, acts as an intermediary between team members.
- Customer Care – assists in developing and delivering phone scripts, notifications, and logs call volumes. They provide a dedicated call centre and email response.
- C-Suite – engages in planning and implementation, maintains communications with directors, stakeholders, and investors.
- IT – This team identifies security risks. They train personnel in data breach response, work with partners to identify compromised data and eliminate hacker tools.
- PR/Communications – determines notification and crisis-management tactics, develops customer communications, tracks media coverage, and responds appropriately.
Businesses should also identify relevant external partners. These may include legal, forensics, and data breach response specialists, as well as key influencers, regulators and insurers.
4. Practice and refine
Once you have a plan in place, businesses should conduct department-specific training and practise its implementation.
Everyone needs to understand their responsibilities, both in preparing and responding to a breach. Only by practising repeatedly can you identify potential weaknesses and gaps in your resources. We recommend conducting simulation drills every six months, involving the entire data breach response team and external partners, covering multiple possible scenarios.
5. The first 24-hours
Acting decisively within 24-hours of any breach is key to regaining your security, preserving vital evidence, and protecting customers. As soon as you identify the breach, initiate the plan, and mobilise the team. It is essential to collect and record all the information about the data breach. They must include all communications with regulatory bodies and legal professionals.
And finally, put your customers first. Any response plan needs to ensure that it is ready to notify them quickly and sensitively about any incident. Tell them what has happened and the action you are taking to ensure their data is safe. This information is crucial in minimising distress, providing reassurance, and at the same time, protecting the businesses’ reputation as well.
Our incident response services will stop attacks in their tracks. Our data breach response plan will immediately consider how it has impacted your business. We will mitigate future damage, and collect all relevant evidence for civil, criminal, or regulatory proceedings.