BreachExchange mailing list archives

Manufacturers Must Prepare for the Inevitable Data Breach


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 25 Nov 2014 18:52:04 -0700

http://www.industryweek.com/technology/manufacturers-must-prepare-inevitable-data-breach

Threats to IT security are growing for businesses of every type, and the
manufacturing industry is no exception.

Last year, U.S. consumer cyber-attacks came at a price of $38 billion,
according to the 2013 Norton Cybercrime Report by ZDNet and USA TODAY.

That number has undoubtedly risen in 2014, with The Home Depot, Best Buy,
and most recently JP Morgan Chase as some of the biggest headliners.

While millions of consumers have been affected by larger data breaches,
there are countless other small and medium-sized manufacturing and retail
businesses that are going through the very same breaches, just on a smaller
scale.

Hackers today have become savvier, learning new ways to infiltrate
networks. As technology has advanced to increase protection, cyber
criminals have learned to prey on the weakest security link: people.

Employees already have access to company information and, because of a
general lack of training, are often unaware of how to detect and prevent
breaches.

That means a cyber-attack at your company is no longer a question of if,
but when.

A data breach doesn’t necessarily mean money is stolen.

It is the compromise of valuable information, and each company defines that
value differently. In the manufacturing industry, it could be access to
designs, specifications, or research and development information.

It could be classified client information, account history, or employee
personal information. It is critical that manufacturing businesses have a
breach preparedness plan in place.

Preparing for a Data Security Breach

The starting point in planning for cyber-attacks is implementing an
incident response plan (IRP) to ensure appropriate action if security is
breached.

An effective IRP will address preventative controls, timely detection of
potential problems and rapid response to data security breaches.

According to the 2014 “Cost of Data Breach Study: United States” conducted
by the Ponemon Institute, the appointment of a Chief Information Security
Officer and involvement of business continuity management in the incident
response process decreased the costs of breaches per compromised record by
$10 and $13, respectively.

However, the most significant cost reductions for organizations came from
having a strong security posture, which reduced the average cost of a data
breach by $21 per compromised record, and an incident response plan, which
shrunk the cost by $17 per compromised record.

These findings emphasize the importance of being prepared for a breach in
data security.

The key components of a well-defined IRP include:

Incident Response Team – Select individuals from departments that will be
involved when a data security breach occurs, such as Executive Management,
Information Technology, Human Resources, Public Relations, Legal, and
Operations.

Identify the roles each Incident Response Team member will play and ensure
they have the authority to execute.

Data Classification – The organization’s incident response strategy takes
into account the type of data compromised by the breach in determining its
response efforts and activities. Categorize data so employees know how to
handle various types of information. Levels can include
“public/non-classified,” “internal use only” and “confidential.”

Then, focus on protecting the most confidential data.

Communication Plan – A comprehensive communication plan involves more than
maintaining a current contact list of Incident Response Team members,
system support personnel and external service providers.

The organization should also plan what message it wants to convey and to
whom it will communicate internally and externally after a security breach.
Include an alternative plan when the normal notification process is
pre-empted.

Training – Incident preparedness training ensures that all company
personnel are ready to handle data breaches before they occur.

Incident Response Team members should be well versed in how to
appropriately evaluate, respond and manage security incidents.

Even if not directly involved in the incident management process, all staff
should understand the company’s overall breach response plan so that their
actions support, not hinder, breach response efforts.

Testing – The IRP should be thoroughly and continuously tested in advance
of an actual data breach to help identify process gaps and provide
assurance that the plan will be effective in responding to incidents.

Strengthening the Weakest Link

Without a doubt, employees are the weakest link in the security chain.
Cyber criminals not only understand this, but exploit it. The curious and
fallible nature of humans demands that companies train and reinforce their
employees on these matters. This is an area that companies cannot afford to
overlook.

As long as hackers can breach just one point in the security perimeter,
they can then move through layer after layer of the information that is of
most value to that business.

Losing a company laptop, inputting improper credentials or failing to work
on a secure network all compromise a company’s IT security.

“Bring Your Own Device” (BYOD) complicates matters as employees create new
risk by accessing company data with their own technological devices
including laptops, smartphones and tablets. Employees must be motivated to
think about and understand the security risks and consequences associated
with their actions.

The Bottom Line

It is critical that manufacturers are aware of the new risks and new ways
to address them, allocating time regularly to exploring new threats and new
controls. The average cost of a data breach is $5 – 6 million, according to
Experian. Your company must manage this risk.

Even though companies may properly prepare, data breaches will continue to
happen.

We will always be vulnerable, but how we prepare can help ease the pain
when an attack hits.

Preventative measures will minimize disruption to customers, operations and
productivity, and aggressively managing through the security breach will
yield a much more desirable outcome.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 