Prevention is always better than cure

Most businesses will recover from the financial losses incurred during a breach, but the reputational damage could be catastrophic, says Simon Campbell-Young, MD of Credence Security.


Johannesburg, 26 Sep 2018

Every data breach that rocks the headlines seems to get worse. The fines get bigger, the damage to reputation more severe. More than one share price has plummeted in the aftermath of a data breach.

Should a data breach occur, there are multiple issues a business has to deal with, says Simon Campbell-Young, MD of Credence Security. "First, they have to identify the threat, remove it, and fix the systems. Then there's a range of legal issues, including notifying those affected, paying regulatory fines, and even having to replace stolen assets. Sometimes a business has to offer identity threat protection to the victims. And all of this costs money," he explains.

"However, most businesses will recover from the financial losses incurred during a breach. It's the reputational damage that could be catastrophic. Customers may forgive, but they will not forget. Once trust is broken, you'll never get it back."

This is why prevention is better than cure any time, he says. "We recommend several steps to help prevent a business falling victim to a cyber attack."

The first step is implementing effective and holistic cyber security tools. "All businesses are different, and therefore all security measures should be tailored to suit the specific organisation's needs. Healthcare providers and financial services organisations will handle more sensitive customer data, whereas manufacturers often have more proprietary IP. They all face different threats, and have a different appetite for risk."

Start by identifying the most precious information assets, and thoroughly weigh up the risks in relation to the security landscape. "Focus the greatest efforts on the most valuable assets. Prioritise investments here, and make sure they are well maintained."

Next, he says, is having a good incident response plan in place. "It used to be all about preparing for, and detecting, a breach. No longer. Incident response is a crucial link in the security chain, as organisations realise it's not a case of 'if', but 'when'."

Today's businesses need to add focus to identifying their weaknesses and shortcomings, to boost their preparedness in the event of a security incident, Campbell-Young adds.

"And to do this effectively, businesses need good, actionable intelligence. Understanding your attacker, and receiving relevant and actionable intelligence, is a company's best hope to stay ahead of the attackers and anticipate their actions. Make sure you have the resources on hand; there are numerous public sources as well as sharing platforms to glean this information, and savvy businesses will also ensure they have internal monitoring and event correlation solutions in place."

Campbell-Young says they should also share any data breach information with collaborative industry groups and the security community, as it is crucial in the fight against cyber crime as well as understanding how a breach can impact a business. "This is key to combating cyber crime."

Next, bearing in mind that a chain is only as strong as its weakest link, make sure that adequate time and resources are dedicated to staff training. "All employees should be aware of threats such as phishing and social engineering, and should be taught to practise good security hygiene."

He says as businesses become increasingly digital, they need to work even harder to maintain effective risk management and strong cyber security controls, all while remaining compliant, and without stifling usability and innovation. "Cyber crooks are always on the lookout for new ways to steal data. They will bombard your defences, scour your organisation for vulnerabilities, and test your employees for ways to get in. Making resilience a priority is the only way to protect your data, and with it, your reputation."

Credence Security

Established in 1999, Credence Security, previously ARM, the region's speciality distribution company, specialises in IT security, forensics and incident response. Working closely with leading IT security vendors including AccessData, Fidelis CyberSecurity, eSentire and Digital Guardian, Credence Security delivers cyber and IT security technologies and solutions that protect organisations against advanced persistent threats, malicious adversaries and internal malpractice. A subsidiary of the UC Group, Credence Security is headquartered in Dubai, UAE and serves enterprises across the Middle East, Africa and India through a network of over 70 resellers throughout the territory.

https://twitter.com/CredenceSecure
https://www.facebook.com/CredenceSec/
https://www.linkedin.com/company/credence-security/

Editorial contacts

Simon Campbell-Young
Credence Security
Simon.cyoung@credencesecurity.com