A slow response to a data breach can mean even bigger problems for a company. Here are eight quick actions to take as soon as you find out your business has been hacked.
- Freeze everything
- Ensure auditing and logging is ongoing
- Change passwords or lock credentials
- Determine the impact
- Determine how it happened
- Determine what needs to be done
- Communicate the details to the appropriate internal personnel
- Make public announcements and prepare for responses
After the breach
There are a couple of things you must do to engage in reinforcement after the dust has begun to settle, if you want to ensure you won’t find yourself back in the same place.
Identify areas for improvement
Every data breach occurs through some sort of gap – a gap in training, awareness, security measures, technological capabilities or some other point of entry. Figure out where the gaps occurred so you can fill them in, likely with increased education and heightened compliance requirements, then apply these as needed.
Work on preventing the next breach
Focus on efforts to help reduce the risk of a reoccurrence. Improve patching mechanisms if exploited vulnerabilities were the source of the breach. Mandate encryption if company information was stolen from a micro-SD card in an Android tablet. Utilize improved authentication methods (2-factor authentication is highly recommend) where required. Consider other elements which can help your company’s chances in the future and apply them as necessary.