According to the 2016 Ponemon Data Breach Study, the average cost of a data breach is $4 million. Once a breach occurs, there are several things you must do to begin your recovery process. Here are 5 tactics to implement after a data breach occurs.
- Confirm the breach is over and secure your remaining systems. Once the breach is finalized, you need to secure your systems. Change your passwords and encryption keys immediately. If necessary, restrict access to a short list of authorized personnel until you can determine how the breach occurred. Additionally, you will want to isolate any systems or data that may have been compromised to avoid a second breach.
- Investigate the breach. This is an extensive process that will require in-depth research. What systems and information were compromised? Who had access to the information? How was the information compromised? Finding the answers to these questions may take some time, but it will help determine what actions should be taken to strengthen security policies and prevent additional breaches from occurring.
- If possible, recover any lost or compromised data. If you can recover some of the data that was lost or compromised, you may be able to prevent further damage from occurring. For example, if you know a batch of credit card numbers was compromised, you should immediately contact the financial institutions of the cardholders who were compromised to issue new cards. Getting ahead of the loss is the best way to prevent additional losses from occurring.
- Notify law enforcement. Contact the appropriate law enforcement agency once you know a breach has occurred. Having a documented report of the breach can help you if you end up taking legal action against someone who may have perpetrated the breach.
- Consult with your lawyer to determine your obligations and pursue any legal action. Most companies have a lawyer on retainer for any legal issues that may arise. Counsel can advise of your legal obligations as the result of a breach. Additionally, if you determine the cause of the breach to be no fault of your own, they can advise the best course of legal action.
Acting quickly once a breach occurs is the best way to implement corrective actions and avoid further damage. For more information about how to protect your network and data, contact us today.