No matter the industry or the size of your business, you are at risk of becoming a victim of a cyber criminal. They target organizations of all sizes, governments, individuals, even IoT devices. If you don’t have a plan in place for what to do if you are hacked, you are putting yourself at risk of losing a great deal of money. IBM and the Ponemon Institute published a study in June 2016 that listed the top factors in reducing costs from data breaches for U.S. companies. We want to share that list with you and explain a few things about how you can successfully implement each one for your organization.
- Incident response team: Assign, hire, create or contract us so that you know who you are going to turn to the minute you find out a breach has occurred. Start with management support, then go from there, setting a strategic plan and vision, implementing the team, communicating the vision with the team, and evaluating its effectiveness.
- Extensive use of encryption: You need to make sure that you are protecting every bit of your data that connects to a network, starting with the security of your local network, to the backend access of your website, your cloud-based applications, and your VPN. Use the best encryption available!
- Employee training: We can’t repeat this often enough. Even if you’ve invested in the latest software and fanciest hardware, your people can be the leak in the dam if they haven’t been trained to be aware of dangers such as phishing scams.
- BCM involvement: BCM stands for Business Continuity Management and defines an approach that starts at the management level and defines, within the organization, potential threats and the impacts those threats would have to operations. Through BCM, organizations build a framework of resilience and a readiness to respond to disruptions.
- Data loss prevention technologies: When an organization has software installed for Data Loss Prevention (DLP), they are notified far sooner that a breach has occurred, allowing the business to mitigate losses.
You wouldn’t hesitate to insure your home, car, business, even your life. Consider it just as important to insure your data in today’s business (and personal) environment. In the words of our CEO, Francis Dinha, “The pace of progress isn’t slowing down. We would do well to study [it] and adapt accordingly.” Make data breach planning part of your adaptation.