//
you're reading...
Information Security, IT & TECHNOLOGY

Security Breach Management: Handling The Storm With Aplomb


ISACA-Logo

2015 was marked by far too many digital security breaches, a trend that every company hopes to see reversed in the coming year. Unfortunately, as industry expert Leo Scanlon notes, it is unlikely that we’ll be able to stop them all. In this digital era, security breaches are part of the new normal.

So, what should you do when facing a security breach? The most important thing that you can do is stay calm. If you keep your wits about you, you will be better able to approach the problem and implement a solution to protect your clients and your company. Here is how to move forward in the face of a digital security breach.

Plan Ahead
While you may not be able to plan for the exact details of a security breach – if you could, then you could prevent it from happening – what you can do is prepare a preliminary plan of action for any future breach. Write out a general timeline for what actions need to take place and in what order. This way, when something does happen, you do not lose any time giving direction. All you need to do is to fill in the specifics of the event.

Communicate Clearly and Calmly
When a breach does occur, it is important to prioritize communication with your team and with your clients. Start with your team. Describe the event, review the plan of action, and make sure that everyone is clear on his or her role.

It can be worth it to sit everyone down to discuss the breach rather than send emails about the issue. This allows people to ask questions in real time rather than sending lots of follow-up messages. You might even consider serving everyone a cup of tea. Green tea reduces stress and can calm down anxious team members in a visceral way, moving them from high anxiety to centered focus.

After you have alerted your team, everyone can split off to appropriate tasks ranging from developing a patch to prevent system attacks to calling high profile clients. You will also need to contact a range of other people, including a lawyer and police.

Additionally, make sure your public relations department is ready to issue a statement and field phone calls. Give them a quick FAQ sheet and a directory of who to call about which issues. By preparing public relations as well as you can, you avoid clogging up other employees’ lines with client issues.

Talk and Train
While a security breach tests training effectiveness on the ground, this is also a good opportunity to schedule follow-up training. Then, while working to resolve this breach, note the areas in which employees struggle. These should be central to your next training session.

You should also contact some of your industry peers to find out what they do to prevent security breaches. This does not mean that you need to mimic their strategies, but if you know that someone is using a different approach, you should document clearly why you are doing something else. That way, if you do suffer a breach, you have demonstrated a well-thought-out strategy rather than an arbitrarily chosen system.

Big Fixes, Small Details
Ultimately, when you suffer a data breach, it is important to focus your attention on two issues: the big problems that need to be remedied immediately and the small problems that contributed to the breach but were overlooked during earlier development phases. Start big, and then shift to the small to protect yourself now and down the road.

For the sake of companies and clients alike, hopefully 2016 holds fewer security breaches. But, to make this dream a reality, every company will need to assess regularly its security systems and breach preparation. Failure to plan is planning to fail, so put that plan in place now.

Larry Alton
Writer
[ISACA Now Blog]

About @PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Web Stats

  • 124,727 hits
@PhilipHungCao

@PhilipHungCao

@PhilipHungCao, CISM, CCSP, CCSK, CASP, CIW-WSP, GICSP, PCNSE, ACSP, CCDA, DCSE, JNCIA, MCTS, MCSA, VCP5-DCV, VCP6-NV, ZCNT is a #TekF@rmer. He has 16 years' experience in ICT/Cybersecurity industry in various sectors & positions.

Personal Links

View Full Profile →

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 2,534 other followers

Twitter Updates

Archives

February 2016
M T W T F S S
« Jan   Mar »
1234567
891011121314
15161718192021
22232425262728
29  
%d bloggers like this: