Top 5 tips for dealing with a hacking crisis

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.cbronline.com/news/top-5-tips-for-dealing-with-a-hacking-crisis-4663072

Cyber crime is rewriting the crisis management rule book as data breaches
get ever more damaging and costly for the enterprises that suffer them.

High profile web sites such as Ashley Madison and household name companies
like Carphone Warehouse are just two of the most recent public data
breaches that have circulated the media recently and they won't be the
last. Apart from the immeasurable disruption such breaches can cause
customers, they also provide not only short term, but also long term harm
to the brands reputation and bottom line.

More often than not, companies are taking far too long to detect a data
breach and to clean up the mess.

In the worst cases, the breach is not discovered at all during the data
theft process, even if the data is being put to criminal or unethical use
right under an organisation's nose.

As data breaches are becoming more publicised and damaging to valuable and
hard-built reputations, board of directors are taking the threat far more
seriously and hold IT far more accountable if they fail to spot, contain or
otherwise act against an intrusion or malware outbreak inside the
organisation. Current crisis management techniques are outdated, formulaic
and constrained when compared to the crisis they are trying to contain and
resolve.

Security systems are just not dynamic or multi-faceted enough to deal with
the nature of today's ubiquitous cybercrimes.

Cyber crisis management should not be considered simply as a combination of
crisis management, emergency and terrorist responses. There needs to be
both internal and external cooperation and communication in play and an
environment where enterprise risk management, business continuity,
emergency response, reputation management, and corporate governance are
balanced.

What to do when a data breach or crisis hits?

Whether you are a giant multinational corporation, a small business, sole
trader, or end user, you can help to stop breaches and clean up the damage.
First, the most pressing problem is discovering the breach. Recent research
from the Poneman Institute revealed it takes an average of 256 days to find
out that an organisation suffered a breach.

Meanwhile, credit card numbers may have been exposed, competitors may have
an organisation's confidential plans and intellectual property, while
personal information may be used for identity theft and other financial
fraud. Intrusion detection, firewall logs and solutions like an event log
manager can all help to identify suspicious activity earlier.

If you have logs, you really must read them to see if anything is askew.
Also, if you are a client-facing organisation, make sure you empower your
customers to contact you if they see anything suspicious happening with
their account.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!