BreachExchange mailing list archives
Keep calm and prepare for a cybersecurity breach
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 4 Aug 2015 17:37:06 -0600
http://thedailyrecord.com/2015/08/03/keep-calm-and-prepare-for-a-cybersecurity-breach/

Cybersecurity and data forensic firms are sending a loud and clear message: no one is safe. Theoretically, anyone could become the target of a state-sponsored hacking group working in shifts and around the clock, whose single purpose is to break into your computers to steal or wreak havoc. When you become such a target, your fate is sealed and it is only a matter of time until you become the victim of a cyber-breach. Law firms, they say, are sought-after targets.

The reports on data breaches seem to be ever more frequent and ever more disheartening. The goals of the criminals are many – to steal credit card information (e.g., Target and Home Depot breaches), to stockpile information on the workings of the U.S. government (e.g., U.S. Office of Personnel Management and United Airlines breaches), to obtain confidential files from law firms to be used in litigation (e.g., the recent California lawsuit against a major workers’ compensation insurer and its attorneys), to manipulate penny-stock prices (e.g., JPMorgan Chase breach), to engage in insider trading (e.g., recent SEC investigations into breaches), or to gain a competitive edge in sports (e.g., St. Louis Cardinals hacking the Houston Astros).

The perpetrators are both foreign and domestic. They are outsiders and insiders of companies. Some apply for jobs with the ultimate purpose of getting into an organization and stealing data. Others steal data when their employment is terminated. Trusted individuals may destroy evidence to hide breaches. Other times, evidence of a breach is destroyed without knowing that preservation could have mitigated damages. It is all very discouraging.

Not all hope is lost, however. Most law firms will never become direct targets of foreign state-sponsored hackers. Rather, like other organizations, law firms are more likely to be exposed to more pedestrian threats. These are caused by human error – clicking on a link in a phishing email, losing laptops or cellphones, mistakenly sending data to the wrong addressees, not following basic company security policies, careless handling of company data on personal computers, not password-protecting devices, or not encrypting data. Many of these threats are preventable. Human error is part of life, however, and therefore so are cyber breaches. The silver lining is that with careful pre-breach preparation, the aftermath of a breach can be much less costly.

The first step in preparing for a breach is to acknowledge the need for education on and a heightened awareness of cybersecurity issues. Accept that cybersecurity must become part of your organization’s culture. The next steps involve everything a victim company wishes, often too late, that it had done before it was breached. These measures will focus on prevention by training personnel and by implementing data security policies. They will also focus on reducing the time and cost to respond to a breach. Generally, they include:

(1) adopting security practices that are reasonable and appropriate for the size of the organization and the industry in which it operates (pay attention to the data security guidelines issued by the state and federal agencies relevant to your industry);
(2) including cyber professionals in management and at the board level of the organization;
(3) retaining outside data security lawyers before the breach occurs to avoid scrambling to find counsel at the very intense time when you learn of the breach;
(4) retaining forensic cyber professionals before the breach occurs to avoid wasting precious time and paying “emergency basis” fees when the breach occurs;
(5) investing the money to test your organization’s vulnerability level and to identify weak links;
(6) creating a breach-response team with a response plan;
(7) doing at least one test-run to see how the response plan plays out; and
(8) starting a relationship early on with the local FBI and Secret Service offices to know how and when they can help.

Finally, take a deep breath and exhale slowly. There is insurance to cover cybersecurity breach incidents. And if you go through the steps above, you will also be in a position to judge how much cyber insurance you need. Good luck, and do not forget, encryption is your friend!