There is an uncomfortable truth in the enterprise community when we talk about securing the business operation and introducing layers of security. Many enterprises find that security breach is inevitable and can affect anyone, even with the best security solution or with no security solution. The enterprises that are giving up on the security infrastructure as a solution to deal with data breaches; Because the recent data breach across industries have been overwhelming.
If you look at the stats from the last year, DNA testing firm MyHeritage Suffered a breach of data that affected more than 92 million people. In March the data exposed affected more than 87 million users on Facebook. Then we had the Ticketmaster with a breach that affected almost 40,000 people leading to revelations of payment data, addresses, names and phone numbers. Even one of the biggest airline in the history was affected by the breach that impacted close to 380,000 transactions.
The breaches haven’t painted a pretty picture for the consumers, as they don’t want their data to become a commodity in the market. The recent study was focused towards analyzing the consumer behavior with retail markets that have been affected by the data breach- almost 19 percent of the consumers will stop spending money at such retail spaces while 33 percent had stopped for certain time being. The data breach directly affects the revenue of the enterprise as the stock price plumb and service/product are discarded.
The current security regulations such as GDPR are making the enterprises find a solution that can give the users more control over the data. Enterprises believe that as the digital transformation is being achieved the surface area for the breach will increase, leading to the exploitation of data. Cloud and mobility solutions might sound good for the enterprises but without a security layer, the transformation might prove costly.
PREPARING FOR THE DATA BREACH
The survey conducted for all the enterprises that deal with sensitive user data has predicted that having a Chief Security Officer and the implementing the business continuity management will reduce the cost of data breaches per compromised record by almost $20 and $23 respectively. Also one of the most significant cost reductions came in from having a strong security posture that reduced the cost of a breach by almost $21 and with incident response plan it reduced the breach by $17 per compromised record.
To build an effective plan to minimize the after effects of the breach one of the main aspect many enterprises are looking towards exploring. An Incident Response Plan (IRP) will ensure appropriate steps are being taken if the security is breached. For enterprises protocol and IRP can be something or different depending on the data type and security for data.
HERE ARE SOME OF THE KEY COMPONENTS IN THE INCIDENT RESPONSE PLAN (IRP):
- Incident Response Team: The team will comprise of the individuals that can understand the complexity of a data breach. Employers that hold the position of Executive Management, IT admin, legal, operation, and PR the list will differ according to the enterprise. Each of the individuals will play a role in the IRP to ensure that an action plan is developed that reduces the breach after effects.
- Communication Plan: Implementing cohesive communication plans that maintain the speed and agility of contact during the breach between the team and external providers. The communication plan should also include the press release that will help to communicate about the breach with external agencies.
- Classifying the Data: The incident response strategy for the enterprise takes into account different types of data that are being stored by the enterprises. Categorization of the data helps to develop an IRP strategy to have an infrastructure in place for most sensitive data. Data can be divided into three levels Public, internal and sensitive.
- Training- Preparedness for any of the incidents will require a thorough training that will help in handling the data breach. The team should be well versed with all the required situations, the after evaluation, incident management and also deal with communication on different stages. All the enterprises should plan a constant response plan for the breach efforts.
- Testing: Before enterprise put the IRP in the formation, a need of an end to end testing will help to identify gaps during the actual data breaches. The enterprise can also identify the need of any other resource that can help in building better effectiveness of the team.
ASKING THE RIGHT QUESTIONS
The question is never can I prevent the attack? The digital transformation will induct many of the technology security gaps. But the enterprises need to entertain different constraints that find different security touch points of the system. The detection of the attack type and how quickly the response team reacts to the attack will also assist the enterprises to prepare at a different level.
Enterprises that deal with sensitive user data need to shift from only prevention strategy and move towards the after response strategy. Elaborate attacks that are targeted towards the data should actually look towards prioritizing the response reaction.
Cybersecurity is not just a quarterly process that needs to be deployed only once, the enterprises need to have a guaranteed plan in place that can prevent further security threats. On an average, a breach causes around $ 1.23 million enterprise revenue, if enterprises plan together and implement the necessary measures it can help in minimizing the attack repercussions. To know more about the Cybersecurity for enterprises you can download our recent whitepapers.