By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    data analytics in sports industry
    Here’s How Data Analytics In Sports Is Changing The Game
    6 Min Read
    data analytics on nursing career
    Advances in Data Analytics Are Rapidly Transforming Nursing
    8 Min Read
    data analytics reveals the benefits of MBA
    Data Analytics Technology Proves Benefits of an MBA
    9 Min Read
    data-driven image seo
    Data Analytics Helps Marketers Substantially Boost Image SEO
    8 Min Read
    construction analytics
    5 Benefits of Analytics to Manage Commercial Construction
    5 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: 5 Essential Steps To Take After A Data Security Breach
Share
Notification Show More
Latest News
big data mac performance
Data-Driven Tips to Optimize the Speed of Macs
News
3 Ways AI Has Helped Marketers and Creative Professionals Streamline Workflows
3 Ways AI Has Helped Marketers and Creative Professionals Streamline Workflows
Artificial Intelligence
data analytics in sports industry
Here’s How Data Analytics In Sports Is Changing The Game
Big Data
data analytics on nursing career
Advances in Data Analytics Are Rapidly Transforming Nursing
Analytics
data analytics reveals the benefits of MBA
Data Analytics Technology Proves Benefits of an MBA
Analytics
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Best Practices > 5 Essential Steps To Take After A Data Security Breach
Best PracticesData ManagementITPrivacySecurity

5 Essential Steps To Take After A Data Security Breach

Particia Dimick
Last updated: 2017/05/20 at 3:48 PM
Particia Dimick
7 Min Read
SHARE

Hackers are an insensitive breed, with no respect for violating other people’s finances and personal business dreams.

Like pickpockets stealing wallets, they steal usernames and passwords to get access to credit lines, bank accounts, and payment processors. Like con men, they look for data that will allow them to steal someone’s identity, using this stolen personal information to commit crimes. Like hijackers, they like to break into other people’s computers and then use these systems as a base to attack other computers online.

Hackers are an insensitive breed, with no respect for violating other people’s finances and personal business dreams.

More Read

anti-spoofing tips

Anti-Spoofing is Crucial for Data-Driven Businesses

Cloud-Centric Companies Discover Benefits & Pitfalls of Network Relocation
Four Strategies For Effective Database Compliance
Fortifying Enterprise Digital Security Against Hackers Weaponizing AI
Optimizing Cost with DevOps on the Cloud

Like pickpockets stealing wallets, they steal usernames and passwords to get access to credit lines, bank accounts, and payment processors. Like con men, they look for data that will allow them to steal someone’s identity, using this stolen personal information to commit crimes. Like hijackers, they like to break into other people’s computers and then use these systems as a base to attack other computers online.

Why Hackers Target Small Businesses

Hackers like to target small businesses because they know that they probably don’t have virtualization security and can’t protect their data with the real-time response tools used by big companies.

A Forbes article by Pragati Verma covers one disturbing example of what can happen to a small business after a hacker attack:

“In January 2013, 80sTees.com was notified by Discover that cardholders that had used the 80sTees.com site had experienced suspicious transactions on their credit card accounts. An initial investigation by 80sTees.com didn’t find any evidence of intrusion, but the company later heard from Visa and MasterCard with the same concerns. Finally, they discovered that the personal data of thousands of customers had been put at risk.”

The attack, said CNBC, cost the small business $200,000. This six-figure loss does not include opportunity cost—the amount the company could not earn during the time its business services were frozen.

What Can Be Done?

After a security breach, emotions run high and it can be difficult to restore order. If your business experiences a security breach, the following five guidelines will give you a framework on how to handle the legal, technological, and public relations ramifications after an attack:

1. Investigate the crime.

Who did it? When? And how? It’s essential to get a comprehensive account of what happened, as well as deduce how the hackers got in, which computers they accessed, which accounts they looted, and who has been affected.

Like any crime, it’s sometimes difficult to recreate the scenario after a data breach. While it’s possible to get clues from a web host, a security company, and an Internet service provider, local law enforcement computer divisions and the FBI can also do a forensic analysis.

2. Get expert legal counsel immediately.

If you don’t have insurance, you will have to hire your own lawyer.

There are three reasons why you must get the best legal representation fast:

First, you will be under a legal obligation to inform all parties affected by the security breach.

Second, you will have to notify state authorities. Since it’s unlikely that your customers are only from one state, the breach will have affected customers nationwide. Since there is no federal agency to handle the security breach notifications, you will have to work through each of the different state laws.

Third, you may not get much sympathy from partners, vendors or customers. In many cases, the victims place the blame on the business for not having tighter security measures (even if this is not true). You may be faced with a barrage of liability lawsuits.

3. Be as transparent as possible.

It’s often tempting for business owners to downplay the extent of the breach to prevent the panic experienced by the victims—partners, employees, and customers. However, once the information leaks out, panic turns to rage, and this is often directed toward the small business.

It’s important to remember that at this critical stage, emotion prevails over logic. Although the business owner is also a victim, he or she is blamed for carelessness in implementing security measures and duplicity for not sharing exactly what happened and what is being done to fix the problem.

So, at this point, it’s important to communicate as early as possible. All follow-up communication also has to be done quickly, honestly, and as clearly as possible.

Here are the basic steps to ensure transparency:

  • Admit any fault and accept full responsibility.
  • Provide full details and explanations.
  • Summarize what happened in plain language, avoiding technical complexity.
  • Describe what steps are being taken to clean up the issue and what preventative steps are being taken to prevent this from happening in the future.
  • Create an open dialogue with all those affected, which includes expert legal and IT representation.

4. Clean up the mess.

After a breach, there is a mess to clean up. This may disrupt business operations and be expensive, but it can’t be avoided.

Common clean up processes may include:

  • Identify and take out breached computers.
  • Shut down the website and discontinue any other payment processing (for example, phone orders).
  • Reformat hacked computers.
  • Restore data from a clean backup.
  • Buy new computers if damage is too extensive.
  • Patch any flaws to the software being used.
  • Secure all accounts with new, complex passwords.

5. Restore your reputation and rebuild your infrastructure.

Make the technological and policy changes necessary to reassure all parties involved that this incident will not happen again. New policies should include employee training on security measures.

Protect and Prepare

Protecting sensitive data is not just an IT challenge, but also a business one. Small businesses need to protect their infrastructure against all possible threats and also prepare a data breach recovery plan.

Particia Dimick May 19, 2016
Share this Article
Facebook Twitter Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

big data mac performance
Data-Driven Tips to Optimize the Speed of Macs
News
3 Ways AI Has Helped Marketers and Creative Professionals Streamline Workflows
3 Ways AI Has Helped Marketers and Creative Professionals Streamline Workflows
Artificial Intelligence
data analytics in sports industry
Here’s How Data Analytics In Sports Is Changing The Game
Big Data
data analytics on nursing career
Advances in Data Analytics Are Rapidly Transforming Nursing
Analytics

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

anti-spoofing tips
Security

Anti-Spoofing is Crucial for Data-Driven Businesses

6 Min Read
cloud-centric companies using network relocation
Cloud Computing

Cloud-Centric Companies Discover Benefits & Pitfalls of Network Relocation

5 Min Read
database compliance guide
Data Management

Four Strategies For Effective Database Compliance

8 Min Read
Digital Security From Weaponized AI
Security

Fortifying Enterprise Digital Security Against Hackers Weaponizing AI

11 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

giveaway chatbots
How To Get An Award Winning Giveaway Bot
Big Data Chatbots Exclusive
ai in ecommerce
Artificial Intelligence for eCommerce: A Closer Look
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?