Becoming aware that your company has suffered a data breach can be unsettling. However, because cybercriminals move quickly and stolen data spreads fast, it is crucial to react promptly and correctly to contain the incident, minimize further damage, and protect your business from legal exposure. Data breaches are affecting millions of people across the globe, with over 340 million records already compromised in 2023 headline cases and new incidents surfacing every week.
Your business’s best approach to a breach or cyberattack will be unique to the company and will depend, to some degree, on the service you offer, as this affects the type of data you may store. However, regardless of the size of your business, taking the right steps after a cyberattack can help protect your company and any records at risk if you fall victim.
1. Identifying and Containing the Damage
This means locating the weakness that was exploited and establishing how the attacker got in in the first place. If your business doesn’t have an in-house cybersecurity team, you can bring in outside IT specialists and a forensics team, and seek HR, legal, and crisis management advice, depending on how volatile the situation is. They will help analyze the threat, determine the extent of the breach, and decide how to contain and mitigate it.
2. Understanding the Impact
Investigate the breach by running diagnostics to understand the impact it may have had on your business and customers. You need to know whether any data has been compromised and, if so, where it may have been shared. Stolen data is often sold online, usually via the dark web. If you find stolen data posted on other websites, contact the site owners and request that it be removed. It’s also important to check which types of cyberattacks most commonly affect businesses in your industry.
3. Report
A data breach risks the unsolicited sharing of people’s data, which can affect their rights and freedoms. How quickly you need to notify the authorities or your local cybersecurity council, or whether you need to escalate further, can depend on your location, the type of business you have, and how big the risk might be. Generally speaking, however, seeking advice and reporting incidents as soon as possible is best.
Be sure to familiarize yourself with state laws, which your legal counsel will be able to help with. Who you report the breach to can depend on the type of company and the scale of the impact. For example, if you are a covered entity — a healthcare provider — and unsecured protected health information has been exposed, you must notify the Secretary of the Department of Health and Human Services (HHS) within 60 calendar days of discovery if more than 500 individuals are affected.
If fewer than 500 individuals are affected, you should report the breach within 60 days of the end of the calendar year in which it was discovered. This must be done using the electronic notice form on the HHS website. The Federal Trade Commission (FTC) recommends that companies notify law enforcement as soon as possible by contacting their local FBI or U.S. Secret Service office.
In the UK, the General Data Protection Regulation (GDPR) requires that personal data breaches which pose a risk to individuals be reported within 72 hours of becoming aware of them. The Information Commissioner’s Office (ICO) provides a self-assessment tool to help people and companies determine whether a breach needs to be reported. Trust Service Providers and Qualified Trust Service Providers, the people or legal entities that create and validate electronic signatures, must report data breaches that may cause serious impact to the ICO within 24 hours of discovery. If you need to report another type of cybersecurity incident, you can do so via the National Cyber Security Centre or seek further guidance on the government website.