Recovering from a Data Breach

According to the latest Verizon Data Breach report, 85 percent of organizations breached did not realize they had been compromised, sometimes for weeks or months. Often they only found out when alerted by a third party. So cyberhackers can be at work in compromised networks -- as we've seen in many recent situations -- for weeks or months. The question, then, is what do you do once you find out your data has been compromised? This week's articles provide the answers.

Given the near-certainty that some form an attack or data breach will happen in your organization, it makes sense to consider scenarios and plan for them when it happens. (Item #1)     What's the most important next step you should take following a data breach? (Item #2)     Security analysts are saying that it's not IF you are the victim of a data breach but WHEN. (Item #3)    

Responders need a plan of action going into a breach and tools to support those actions. (Item #4)     Cost estimations provide a new perspective on the severity of IT security incidents. (Item #5)     Why are you often the last to know that your data has been breached? (Item #6)    

As always, I look forward to hearing about your concerns with regard to business continuity. If there are any topics that you'd like to see covered, email me at bmellinger@attainium.net.

Bob Mellinger, President
Attainium Corp



1. Strategy: Planning and Recovering From a Data Breach

The costs of a data breach-lost business, damaged reputation or the risk of regulatory action-have never been higher. Yet, while successful breaches occur within minutes and 88% are exfiltrating within those minutes, the discovery of a breach can take weeks or months.
http://www.securityweek.com/strategy-planning-and-recovering-data-breach


2. Data Breach Experts Share the Most Important Next Step You Should Take After a Data Breach in 2014 - 2015 & Beyond

As demonstrated by recent security breaches of several large, tech-savvy companies such as Target, LivingSocial, Facebook, Gmail, and Twitter, no set of security measures is completely infallible to a breach. What businesses of today have to then consider is: what is your plan of action after a data breach when your security and data loss prevention measures have failed?
https://digitalguardian.com/blog/data-breach-experts-share-most-important-next-step-you-should-take-after-data-breach-2014-2015


3. The 10 Critical Steps to Take After a Data Security Breach

Although security breaches have been affecting companies for years and influential names in the IT industry have sounded the alarm saying this tendency will only continue to increase, nobody did anything about it. Even more, most corporations in the world just went hiding behind a this won't happen to me belief.
https://heimdalsecurity.com/blog/critical-10-steps-data-security-breach/


4. When Breaches Happen: Top Five Questions to Prepare For

Breaches happen. Preparation, then, is a matter of where to put your efforts. Organizations need to prepare for the reality that major security events will happen -- including breaches that can impact the risk and compliance posture of the organization. Security professionals should make every effort to prevent incidents but it's not realistic to assume that their efforts can be universally effective.
https://www.sans.org/reading-room/whitepapers/analyst/breaches-happen-top-questions-prepare-35220


5. The average budget required to recover from a security breach

The average budget required to recover from a security breach is $551,000 USD for enterprises, and $38,000 for small and medium businesses according to Kaspersky Lab. Based on a worldwide survey of 5,500 companies conducted in cooperation with B2B International, the survey concluded the most expensive types of security breach are employee fraud, cyber-espionage, network intrusion and the failure of third party suppliers.
http://www.net-security.org/secworld.php?id=18873


6. How do the FBI and Secret Service know your network has been breached before you do?

By all accounts, many of the massive data breaches in the news these days are first revealed to the victims by law enforcement, the Secret Service and Federal Bureau of Investigation (FBI). But how do the agencies figure it out before the companies know they have been breached, especially given the millions companies spend on security and their intense focus on compliance?
http://www.networkworld.com/article/2175582/security/how-do-the-fbi-and-secret-service-know-your-network-has-been-breached-before-you-do-.html


Quote of the Week:

"Security breaches usually entail more recovery efforts than acts of God. Unlike proverbial lightning, breaches of security can be counted on to strike twice unless the route of compromise has been shut off."

-- FedCIRC

Contact Us:

Attainium Corp
15110 Gaffney Circle
Gainesville, VA 20155
www.attainium.net