August 4, 2017

Why You Need a Data Breach Response Plan

The latest mid-year report on data breaches issued by the ITRC reaffirms everyone’s suspicions that 2017 is going to be a banner year for the number of successful cyber breaches against US organizations.

One notable takeaway: “If the number of breaches stays on pace with those reported in the first half of 2017, we’ll achieve a 37 percent increase over 2016 by hitting 1,500 breaches for the year. Mid-way through the year, there have already been over 16 million records exposed – and that is just from the 33 percent of breaches where this information was provided.” 

The ITRC defines a “data breach” as an event where an individual’s personally identifiable information (PII) is at risk of exposure. Data records that constitute PII include a name plus one other piece of data, which can include a social security number, a driver’s license number, medical record, financial record, or other data that essentially identifies the individual.

PII attacks are alarming, and of significant concern. For example, 60 percent of the breaches this year have exposed social security records. Hacking is the leading cause of data breaches (63 percent of all breaches) and is comprised of malicious activities such as phishing, ransomware/malware, and skimming.

To make things even more ominous, consider that the numbers in the ITRC report only reflect the data breaches, which are known and disclosed. We do not have any insight into the breaches that have gone undetected. Considering that every organization is at risk of a data breach, it is likely that:

  • Many organizations that assume they haven’t been breached actually have been.
  • Your organization will be breached. Unfortunately, because of the increasing rate of breaches, chances are good you will eventually be breached – it’s just a matter of time.

The importance of transparency

So, what’s an organization to do? According to the ITRC report, companies that come out ahead are those that are “transparent” and communicate the details and implications of a data breach to data-privacy regulation authorities as well as their customers and partners.

To be transparent, you first need access to the right kind of data to perform effective cyber forensics and breach response. Additionally, you also need all of the data related to that breach in order to determine the full scope of data breach response needed. In many cases, companies don’t know which records were actually accessed and just have to guess, and this guessing game is expensive. For example, medical records cost over $300 per record reported, according to those who have had breaches in the Northeast. Five thousand such records reported would cost $1.5M.

Detecting breaches and figuring out what records were accessed sounds hard, doesn’t it? Well, it doesn’t have to be. You may want to consider a breach response solution that helps you fully leverage your existing security equipment, automatically alerts you when an intrusion alert occurs against your critical assets database and file stores) and provides you all the conversations related to that breach – including exactly what records were breached. In fact, because it works quickly, you can know when a critical system is being breached as it happens and take action to minimize the impact, saving significant money and effort.

Don’t be “that company.” Take control and improve your ability to identify, investigate, and understand the impact of a data breach. Get informed and check out CSPi’s Myricom nVoy rapid breach response solution.

For more information on CSPi’s nVoy rapid breach response solution, download our whitepaper, “Automated Investigative Response,” to learn more.

Tags: data breach, cybersecurity