We all hear lots of talk about data breach response and data breach response planning, but many times a discussion of what these activities are and why they’re important is missing.
Data breach response is the act of responding to any real or potential event wherein your organization’s critical data has been exposed to an unauthorized individual. I realize that this is a pretty broad definition, but when talking about protecting data that is critical to your company, broader is better.
A data breach could be something as simple as a USB thumb drive that goes missing and just happens to have your company’s strategic plan on it, or it could also be a case of corporate espionage where you suspect that a competitor has stolen the plans for your next-generation product design. If one of these or a similar event happened today, do you know how your organization would react?
This reaction is your organization’s ‘data breach response’ – whether you have a plan in place or not. As we all know, however, every organization should have a Data Breach Response Plan so that this reaction to what is inevitably a very emotional event is as scripted as possible. Data Breach Response Plans allow your organization to think through these reactions before they happen, and then to follow the plan once in place to ensure that the reaction is appropriate and thorough.
I was reminded of all of this recently while discussing an employee misconduct incident with a client. We were brought in on suspicion of malicious activity by an internal employee and asked to collect forensic evidence and make a determination regarding next steps. Unfortunately for the client, our investigation yielded no results. When we informed them of this fact, we were told that the FBI was now involved because of potential privacy violations.
Based on my experience, which most of the time is similar to that described above, most if not all organizations are woefully unprepared to deal with an incident related to the misuse of technology equipment, data breach, or cybercrime. A great deal of thought is put into how we will manage a fire emergency, inclement weather, or some other incident, but we still don’t get that our data is critical to our success, and the threats to that data are very real.
The 21st century is here and now but our organizations are not prepared to deal with the real life incidents associated with the age of the Internet. If you’re concerned about your organization’s Data Breach Response preparedness or are interested in having your plan validated against industry, please contact our incident response professionals to discuss an evaluation.