An Internet Security Threat Report by Symantec shows that 43 percent of attacks in 2015 were against small businesses, which is up 9 percent from the year before. While you can’t undo a breach once it’s occurred, these are the steps you can take to help mitigate the damage.
Let your customers know right away
The worst thing you can do is not tell your customers about the breach or let them find out from the news. The difference between an acceptable data breach response and an unacceptable one is often the length of the delay in informing customers about the breach. As an example, consider the troubles that Yahoo is now facing after not telling customers about a breach in 2014 that impacted around 500 million users and another breach in 2013 that affected over a billion accounts. Not only did failing to tell customers until years later cause Verizon to lower its acquisition offer by $350 million, but it has also opened the company up to lawsuits.
A similar thing happened during the Target breach. Target waited to inform customers and credit card companies about the breach, leading to fraudulent credit card charges that could have been avoided had those cards been flagged and promptly deactivated.
Know your law
State laws vary on how soon after the breach you have to inform your customers and how you must inform them. For example, California has a law that includes the exact template businesses need to use when telling customers about a data breach. Additionally, Connecticut now requires businesses to offer consumers affected by a data breach at least one year of credit monitoring. Most states have some laws, so it’s important you know what they are and follow them accordingly.
Prepare for lost revenue
No matter how quickly and professionally you handle the breach, you have to prepare yourself for lost revenue if customers are hesitant to do business with you. Therefore, you need to limit any non-essential expenses and increase your spending on advertising and public relations. Also, have a plan for how you’ll keep sales going if your current network is down because of the breach. This can include having a backup network in place or even taking orders by pen and paper if necessary.
Re-examine your cloud security
With the cloud becoming the future of computing, it’s likely that future breaches will mostly involve cloud services. Now is a good time to examine your cloud security controls to ensure that your sensitive data stored in a cloud service provider’s data center remains secure. If you use multiple cloud services, it is important to have a single control point to enforce your cloud security policies. While popular cloud services such as Office 365, Dropbox, Google Drive, and Box have built-in security capabilities, they don’t talk to each other when it comes to securing data that’s uploaded. As an example, if you want to encrypt HIPAA-controlled data, make sure it’s being encrypted across all your cloud services.
One emerging security technology that can help accomplish this is the cloud access security broker (CASB). This type of cloud security technology can help implement a host of security controls, including data loss prevention, access control, collaboration control, encryption, tokenization, and malware prevention.
Consider a forensics team
You should also consider bringing in a cybersecurity forensics team to help you find out what type of attack occurred and where on your network. These experts can also provide annual testing that lets you know where your network weaknesses are, so you can shore up your defences and prevent another data breach.
While dealing with the aftermath of a data breach is never pleasant, how you handle it can mean the difference between whether your business survives or not.