SlideShare una empresa de Scribd logo

How to Effectively Manage a Data Breach

SecurityMetrics
SecurityMetrics

No business wants to face a data breach, but you should be prepared should it happen. Here are 5 steps to protect your organization after a data breach.

Empresariales
1 de 11
Descargar para leer sin conexión
HOW TO EFFECTIVELY MANAGE A DATA BREACH 5 STEPS TO PROTECT YOUR ORGANIZATION AFTER A DATA BREACH White Paper © 2016 SecurityMetrics
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 1 HOW TO EFFECTIVELY MANAGE A DATA BREACH 5 STEPS TO PROTECT YOUR ORGANIZATION AFTER A DATA BREACH INTRODUCTION You can’t afford to be unprepared for a data breach’s aftermath. Even organi- zations with the strictest data security and IT policies could easily go the way of recent victims like Hilton Hotels, Home Depot, and Anthem. It’s up to you to control the situation and protect your brand in the wake of a data breach’s potentially devastating hold on reputation. The following 5 steps will help you successfully stop information from being stolen, mitigate further damage, and restore operations as quickly as possible.
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 2 1. START YOUR INCIDENT RESPONSE PLAN A business typically learns they’ve been breached in one of four ways: 1. The breach is discovered internally (via review of intrusion detection system logs, event logs, alerting systems, system anomalies, or antivirus scan malware alerts). 2. Your bank informs you that you’ve been breached based on reports of customer credit card fraud. 3. Law enforcement officials discover the breach while investigating the sale of stolen credit card accounts on the black market. 4. A customer complains to you because your organization was the last place they used their card before it began racking up fraudulent charges. If you suspect a data breach, here’s your objective: stop information from being stolen and repair your systems so a breach won’t happen again. This begins by executing your incident response plan (IRP). A well-executed incident response plan can minimize breach impact, reduce fines, decrease negative press, and help you get back to business more quickly. In an ideal world, you should already have an incident response plan prepared and employees trained to quickly deal with a data breach situation. For some reason, however, most businesses SecurityMet- rics has investigated that have been breached didn’t have an incident response plan at the time of the incursion. With no plan, employees scramble to figure out what they’re supposed to do, and that’s when big mistakes are made. (e.g., wiping a system without first creating images of the compromised systems to learn what occurred and to avoid re-infection). SET YOUR INCIDENT RESPONSE PLAN INTO MOTION IMMEDIATELY ON LEARNING OF A SUSPECTED DATA BREACH
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 3 2. PRESERVE EVIDENCE When an organization becomes aware of a possible breach, it’s under- standable to want to fix it immediately. However, without taking the proper steps and involving the right people, you could inadvertently de- stroy valuable forensic data used by investigators to determine how and when the breach occurred, and what to recommend in order to properly secure the network against the current attack or similar future attacks. When you discover a breach, remember: • Don’t panic • Don’t let your failure to not panic lead you to hasty actions • Don’t wipe and re-install your systems (yet) • Do follow your incident response plan
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 4 3. CONTAIN THE BREACH Your first priority at this point in time is to isolate the affected system(s) to prevent further damage until your forensic investigator can walk you through the more complex and long-term containment. 1. Disconnect from the Internet by pulling the network cable from the firewall/router to stop the bleeding of data. 2. Document the entire incident. Document how you learned of the suspected breach, the date and time you were notified, how you were notified, what you were told in the notification, all actions you take between now and the end of the incident, date and time you disconnected systems in the card data environment from the Internet, disabled remote access, changed credentials/passwords, and all other system hardening or remediation steps taken. 3. Disable (do not delete) remote access capability and wireless access points. Change all account passwords and disable (not delete) non-critical accounts. Document old passwords for later analysis. 4. Change access control credentials (usernames and passwords) and implement highly complex passwords: 10+ characters that include upper and lower case, numbers, and special characters. (Avoid passwords that can be found in any dictionary, even if you are substituting special characters in place of letter characters.)
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 5 5. Segregate all hardware devices in the payment process from other business critical devices. Relocate these devices to a separate network subnet and keep them powered on to preserve volatile data. 6. Quarantine instead of deleting (removing) identified malware found by your antivirus scanner for later analysis and evidence. 7. Preserve firewall settings, firewall logs, system logs, and security logs (take screenshots if necessary). 8. Restrict Internet traffic to only business critical servers and ports outside of the payment- processing environment. If you must reconnect to the Internet before an investigator arrives, remove your credit card processing environment from any devices that must have Internet connectivity and process credit cards via dial-up, stand-alone terminals obtained from your merchant bank until you consult with your forensic investigator. 9. Contact your merchant processing bank (if you haven’t already) and let them know what happened. 10. Consider hiring a law firm experienced in managing data breaches. It won’t be cheap, but they may help you avoid pitfalls that could damage your brand. Your law firm may hire a forensic firm to immediately investigate and ensure you’ve properly contained the breach. If the credit card brands have issued a mandate that a forensic investigation must occur, you will be required to hire a PCI forensic investigator (PFI) to perform the investigation, even if you or your law firm has already employed a non- PFI forensic firm.
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 6 4. START INCIDENT RESPONSE MANAGEMENT ASSEMBLE YOUR INCIDENT RESPONSE TEAM A data breach is a crisis that must be managed through teamwork. Assemble your incident response team im- mediately. (Hopefully you’ve already met and discussed roles during crisis practices and initiated your incident response plan.) Your team should include a team leader, lead investigator, communications leader, C-suite representative, office ad- ministrator, human resources, IT, attorney, public relations, and breach response experts. Each brings a unique side to the table with a specific responsibility to manage the crisis. CONSIDER PUBLIC COMMUNICATIONS Proper communication is critical to successfully man- aging a data breach, and a key function of the incident response team is to determine how and when notifica- tions will be made. Several states have legislated mandatory time frames that dictate when a merchant must make notifications to potentially affected cardholders. You should be aware of the particular laws in your state and have instructions in your incident response plan that outline how you will make mandated notifications. Identify in advance the person within your organization (perhaps your inside legal counsel, newly hired breach management firm, C-level executive, etc.) that is re- sponsible for ensuring the notifications are made timely and fulfill your state’s specific requirements. Your public response to the data breach will be judged heavily, so think this through. STALLING MAY NOT BE IN YOUR BEST INTEREST Your customers will discover if you keep important breach information from them. If the media marks your brand untrustworthy for withholding information, that la- bel could end up hurting you worse than the other effects of the data breach. Some companies fall into the, “Let’s make sure we know exactly what’s going on before we say anything at all” trap, but excessive delays in releasing a statement may be seen as an attempted cover-up. Providing some information is usually better than saying nothing at all. You can always provide updated statements as needed on your website. In all cases regarding public statements, seek the guidance of your legal counsel.
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 7 GET YOUR STATEMENTS TOGETHER Your incident response team should craft specific state- ments that target the various audiences, including a holding statement, press release, customer statement, and internal/employee statement. These should be com- municated to appropriate parties that could potentially be affected by the breach, such as third party contractors, stockholders, law enforcement, and ultimately cardholders. Your statements should nip issues in the bud by addressing questions like: • Which locations are affected by the breach? • How was it discovered? • Is any other personal data at risk? • How will it affect customers and the community? • What services or assistance (if any) will you provide your customers? • When will you be back up and running, and what will you do to prevent this from happening again? Explain that you are committed to solving the issue and protecting your customer’s information and interests. Where you deem appropriate, you could offer an official apology and perhaps other forms of assistance such as one year of free credit monitoring. DISCLOSURES OF THE BREACH BOTH WITHIN THE COMPANY AND TO THE PUBLIC SHOULD BE IN ACCORDANCE WITH ADVICE FROM YOUR LEGAL COUNSEL MAKE SURE EMPLOYEES DON’T ANNOUNCE THE BREACH BEFORE YOU DO Poorly informed employees can often circulate rumors— true or not. As a team, establish your media policy that governs who is allowed to speak to the media. Designate a spokesperson and ensure employees understand they are not authorized to speak about the breach. Depending on your particular circumstances, you may find it beneficial to withhold from the rank and file employees the fact that your company has suffered data breach until shortly before any public statements are made.
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 8 5. INVESTIGATE, FIX YOUR SYSTEMS, AND IMPLEMENT YOUR BREACH PROTECTION SERVICES Management of a data breach doesn’t end with your pub- lic statement. Now comes the hardest part: investigating and fixing everything. Luckily, you’re not alone. Your PFI will perform the majority of the investigation and then provide recommendations on how to repair your environ- ment to ensure this doesn’t happen again. BRING AFFECTED SYSTEMS BACK ONLINE After the cause of the breach has been identified and eradicated, you need to ensure all systems have been hardened, patched, replaced, and tested before you consider re-introducing the previously compromised systems back into your production environment. During this process, ask yourself these questions: • Have you properly implemented all of the recommended changes? • Have all systems been patched, hardened, and tested? • What tools/reparations will ensure you’re secure from a similar attack? • How will you prevent this from happening again? (Who will respond to security notifications and be responsible to monitor security, Intrusion Detection System, and firewall logs?) SET YOUR BREACH PROTECTION SERVICES INTO MOTION It’s now time to enact your breach protection services, if you have one. This is a data breach reimbursement program that helps cover some of the costs of data breach. Breach protection can alleviate an enormous amount of stress surrounding data breaches, as you’ll know you won’t have to bear the entire brunt of expenses related to the breach (and there are a lot of expenses).
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 9 BE PREPARED FOR THESE COSTS Obviously, the financial examples presented below will change based on: your size, how many customer cards were stolen, how hackers got into your organization, if you were willfully aware of your vulnerabilities, whether you have breach protection services etc. Data breaches have serious financial consequences. If breached, you may only be liable for a few of these fines, or you could be expected to pay even more than listed below. It all depends on the size of your breach. Along with possible legal fines, federal/municipal fines, increased monthly card processing fees, you may have to pay for the following: Merchant processor compromise fine: $5,000 – $50,000 Card brand compromise fees: $5,000 – $500,000 Forensic investigation: $12,000 – $100,000 Onsite QSA assessments following the breach: $20,000 – $100,000 Free credit monitoring for affected individuals: $10 – 30/card Card re-issuance penalties: $3 – $10 per card Security updates: $15,000+ Lawyer fees: $5,000+ Breach notification costs: $1,000+ Technology repairs: $2,000+ TOTAL POSSIBLE COST: $50,000 – $773,000+ MAKE SURE IT DOESN’T HAPPEN AGAIN A key part of a successful breach response is what you learned from the breach. After the dust has settled, assemble your incident response team once again to review the events in preparation for the next attack. Incorporate the lessons you’ve learned and ask, “How can we improve the process next time?” And then revise your incident response plan. Don’t forget to communicate your commitment to data security to the media, even after you’ve repaired the damage.
HOW TO EFFECTIVELY MANAGE A DATA BREACH | 10 CONCLUSION If you don’t have a data breach incident response plan, making one should be a top priority. Then practice and review your plan. Without annual desktop run-throughs and simulation trainings, your staff will panic in the face of a data breach. Suffering a data breach is one of the most stressful situations a business owner or organization can endure, but it doesn’t have to be the end of your business. Greet it with a solid and practiced incident response plan to avoid significant brand damage. ABOUT SECURITYMETRICS SecurityMetrics has helped over 800,000 organizations comply with PCI DSS, HIPAA, and other mandates. Our solutions combine innovative technology that streamlines compliance validation with the personal support you need to fully understand compliance requirements. CONSULTING@SECURITYMETRICS.COM 801.705.5656

Recomendados

Medical Data Encryption 101
Medical Data Encryption 101Medical Data Encryption 101
Medical Data Encryption 101SecurityMetrics
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical DevicesSecurityMetrics
 
Healthcare Cyber Security Webinar
Healthcare Cyber Security WebinarHealthcare Cyber Security Webinar
Healthcare Cyber Security WebinarHealthCareManagement
 
Healthcare and Cyber security
Healthcare and Cyber securityHealthcare and Cyber security
Healthcare and Cyber securityBrian Matteson, CISSP CISA
 
Cyber Security and Healthcare
Cyber Security and HealthcareCyber Security and Healthcare
Cyber Security and HealthcareJonathon Coulter
 
EHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentEHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentdata brackets
 
Medical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannMedical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannFrank Siepmann
 
4. data security eb__1_
4. data security eb__1_4. data security eb__1_
4. data security eb__1_Appsian
 

Recomendados

Medical Data Encryption 101
Medical Data Encryption 101Medical Data Encryption 101
Medical Data Encryption 101SecurityMetrics
 
How to Secure Your Medical Devices
How to Secure Your Medical DevicesHow to Secure Your Medical Devices
How to Secure Your Medical DevicesSecurityMetrics
 
Healthcare Cyber Security Webinar
Healthcare Cyber Security WebinarHealthcare Cyber Security Webinar
Healthcare Cyber Security WebinarHealthCareManagement
 
Healthcare and Cyber security
Healthcare and Cyber securityHealthcare and Cyber security
Healthcare and Cyber securityBrian Matteson, CISSP CISA
 
Cyber Security and Healthcare
Cyber Security and HealthcareCyber Security and Healthcare
Cyber Security and HealthcareJonathon Coulter
 
EHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentEHR meaningful use security risk assessment sample document
EHR meaningful use security risk assessment sample documentdata brackets
 
Medical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannMedical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannFrank Siepmann
 
4. data security eb__1_
4. data security eb__1_4. data security eb__1_
4. data security eb__1_Appsian
 
mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsKristie Allison
 
HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessmentdata brackets
 
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITALINCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITALIJNSA Journal
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeMedSafe
 
Ijnsa050201
Ijnsa050201Ijnsa050201
Ijnsa050201IJNSA Journal
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?Stephen Cobb
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011 Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011 shawn_merdinger
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Reporttbeckwith
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Mark Merrill
 
1. security management practices
1. security management practices1. security management practices
1. security management practices7wounders
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comPrescottLunt384
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MassEHealth
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Hybrid Cloud
 
Information security management
Information security managementInformation security management
Information security managementUMaine
 
Securing the Fog
Securing the FogSecuring the Fog
Securing the FogThe Security of Things Forum
 
Network Connected Medical Devices - A Case Study
Network Connected Medical Devices - A Case StudyNetwork Connected Medical Devices - A Case Study
Network Connected Medical Devices - A Case StudySophiaPalmira
 
5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach5 Steps to Manage a Data Breach
5 Steps to Manage a Data BreachSecurityMetrics
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsPeter Henley
 

Más contenido relacionado

La actualidad más candente

mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsKristie Allison
 
HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessmentdata brackets
 
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITALINCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITALIJNSA Journal
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeMedSafe
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?Stephen Cobb
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011 Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011 shawn_merdinger
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Reporttbeckwith
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Mark Merrill
 
1. security management practices
1. security management practices1. security management practices
1. security management practices7wounders
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET Journal
 
Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comPrescottLunt384
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comPrescottLunt386
 
MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MassEHealth
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Hybrid Cloud
 
Information security management
Information security managementInformation security management
Information security managementUMaine
 
Network Connected Medical Devices - A Case Study
Network Connected Medical Devices - A Case StudyNetwork Connected Medical Devices - A Case Study
Network Connected Medical Devices - A Case StudySophiaPalmira
 

La actualidad más candente (20)

mHealth Security: Stats and Solutions
mHealth Security: Stats and SolutionsmHealth Security: Stats and Solutions
mHealth Security: Stats and Solutions
 
HIPAA HiTech Security Assessment
HIPAA HiTech Security AssessmentHIPAA HiTech Security Assessment
HIPAA HiTech Security Assessment
 
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITALINCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
INCIDENT RESPONSE PLAN FOR A SMALL TO MEDIUM SIZED HOSPITAL
 
What Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafeWhat Is Security Risk Analysis? By: MedSafe
What Is Security Risk Analysis? By: MedSafe
 
Ijnsa050201
Ijnsa050201Ijnsa050201
Ijnsa050201
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011 Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
Medical Device Security: State of the Art -- NoConName, Barcelona, 2011
 
Hipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized ReportHipaa Gap Assessment.Sanitized Report
Hipaa Gap Assessment.Sanitized Report
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
 
1. security management practices
1. security management practices1. security management practices
1. security management practices
 
IRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A SurveyIRJET- Data Leak Prevention System: A Survey
IRJET- Data Leak Prevention System: A Survey
 
Csec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.comCsec 610 Inspiring Innovation--tutorialrank.com
Csec 610 Inspiring Innovation--tutorialrank.com
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
 
Cyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.comCyb 610 Inspiring Innovation--tutorialrank.com
Cyb 610 Inspiring Innovation--tutorialrank.com
 
MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15
 
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
Protecting Data in the Healthcare Industry - Storage Made Easy - Osterman Res...
 
Information security management
Information security managementInformation security management
Information security management
 
Securing the Fog
Securing the FogSecuring the Fog
Securing the Fog
 
Network Connected Medical Devices - A Case Study
Network Connected Medical Devices - A Case StudyNetwork Connected Medical Devices - A Case Study
Network Connected Medical Devices - A Case Study
 

Similar a How to Effectively Manage a Data Breach

5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach5 Steps to Manage a Data Breach
5 Steps to Manage a Data BreachSecurityMetrics
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsPeter Henley
 
Responding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for MerchantsResponding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for Merchants- Mark - Fullbright
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guideMark Bennett
 
EXTERNAL - Whitepaper - 5 Steps to Weather the Zero Hour
EXTERNAL - Whitepaper - 5 Steps to Weather the Zero HourEXTERNAL - Whitepaper - 5 Steps to Weather the Zero Hour
EXTERNAL - Whitepaper - 5 Steps to Weather the Zero HourYasser Mohammed
 
Anticipating an Attack: A Pre-Breach Checklist
Anticipating an Attack: A Pre-Breach ChecklistAnticipating an Attack: A Pre-Breach Checklist
Anticipating an Attack: A Pre-Breach ChecklistMorrison & Foerster
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...- Mark - Fullbright
 
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...Jon Polenberg
 
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...LexisNexis
 
Course Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information SystemCourse Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information SystemTheodore Le
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...cyberprosocial
 
Cybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveCybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveBrown Smith Wallace
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!Caroline Johnson
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsSarah Fane
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business- Mark - Fullbright
 
Data Breach Response: Before and After the Breach
Data Breach Response: Before and After the BreachData Breach Response: Before and After the Breach
Data Breach Response: Before and After the BreachFinancial Poise
 
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docxChapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docxchristinemaritza
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015CBIZ, Inc.
 

Similar a How to Effectively Manage a Data Breach (20)

5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach5 Steps to Manage a Data Breach
5 Steps to Manage a Data Breach
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response Excerpts
 
Responding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for MerchantsResponding to a Data Breach, Communications Guidelines for Merchants
Responding to a Data Breach, Communications Guidelines for Merchants
 
Cyber security guide
Cyber security guideCyber security guide
Cyber security guide
 
CYBER ATTACK RECOVERY GUIDE
CYBER ATTACK RECOVERY GUIDECYBER ATTACK RECOVERY GUIDE
CYBER ATTACK RECOVERY GUIDE
 
EXTERNAL - Whitepaper - 5 Steps to Weather the Zero Hour
EXTERNAL - Whitepaper - 5 Steps to Weather the Zero HourEXTERNAL - Whitepaper - 5 Steps to Weather the Zero Hour
EXTERNAL - Whitepaper - 5 Steps to Weather the Zero Hour
 
Anticipating an Attack: A Pre-Breach Checklist
Anticipating an Attack: A Pre-Breach ChecklistAnticipating an Attack: A Pre-Breach Checklist
Anticipating an Attack: A Pre-Breach Checklist
 
Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...Introduction to Data Security Breach Preparedness with Model Data Security Br...
Introduction to Data Security Breach Preparedness with Model Data Security Br...
 
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
 
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
 
Course Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information SystemCourse Session Outline - Internal control in Information System
Course Session Outline - Internal control in Information System
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
 
Cybersecurity: How to be Proactive
Cybersecurity: How to be ProactiveCybersecurity: How to be Proactive
Cybersecurity: How to be Proactive
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
Master Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security FundamentalsMaster Data in the Cloud: 5 Security Fundamentals
Master Data in the Cloud: 5 Security Fundamentals
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business
 
Data Breach Response: Before and After the Breach
Data Breach Response: Before and After the BreachData Breach Response: Before and After the Breach
Data Breach Response: Before and After the Breach
 
Window of Compromise
Window of CompromiseWindow of Compromise
Window of Compromise
 
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docxChapter 33Incident Response and Forensic AnalysisCopyright ©.docx
Chapter 33Incident Response and Forensic AnalysisCopyright ©.docx
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
 

Más de SecurityMetrics

Understanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping SupplementUnderstanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping SupplementSecurityMetrics
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditSecurityMetrics
 
Securing Your Remote Access Desktop Connection
Securing Your Remote Access Desktop ConnectionSecuring Your Remote Access Desktop Connection
Securing Your Remote Access Desktop ConnectionSecurityMetrics
 
HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored? HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored? SecurityMetrics
 
The 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk AnalysisThe 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk AnalysisSecurityMetrics
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA AuditSecurityMetrics
 
Don't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your EmpolyeesDon't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your EmpolyeesSecurityMetrics
 
What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards? What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards? SecurityMetrics
 
Auditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing FranchiseeAuditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing FranchiseeSecurityMetrics
 
Auditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java ScriptAuditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java ScriptSecurityMetrics
 
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk ClerkAuditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk ClerkSecurityMetrics
 
The Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless InvestigationThe Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless InvestigationSecurityMetrics
 
The Case of the Mistaken Malware
The Case of the Mistaken MalwareThe Case of the Mistaken Malware
The Case of the Mistaken MalwareSecurityMetrics
 
The Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit CardsThe Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit CardsSecurityMetrics
 
What Does the End of Windows XP Mean For Businesses?
What Does the End of Windows XP Mean For Businesses?What Does the End of Windows XP Mean For Businesses?
What Does the End of Windows XP Mean For Businesses?SecurityMetrics
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessSecurityMetrics
 
Mobile Processing: The Perfect Storm for Data Compromise
Mobile Processing: The Perfect Storm for Data CompromiseMobile Processing: The Perfect Storm for Data Compromise
Mobile Processing: The Perfect Storm for Data CompromiseSecurityMetrics
 
Why Breach Protection Isn't Optional Anymore
Why Breach Protection Isn't Optional AnymoreWhy Breach Protection Isn't Optional Anymore
Why Breach Protection Isn't Optional AnymoreSecurityMetrics
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemSecurityMetrics
 

Más de SecurityMetrics (20)

Hipaa Reality Check
Hipaa Reality CheckHipaa Reality Check
Hipaa Reality Check
 
Understanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping SupplementUnderstanding the New PCI DSS Scoping Supplement
Understanding the New PCI DSS Scoping Supplement
 
How to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS AuditHow to Prepare for a PCI DSS Audit
How to Prepare for a PCI DSS Audit
 
Securing Your Remote Access Desktop Connection
Securing Your Remote Access Desktop ConnectionSecuring Your Remote Access Desktop Connection
Securing Your Remote Access Desktop Connection
 
HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored? HIPAA PHI Protection: Where is Your PHI Stored?
HIPAA PHI Protection: Where is Your PHI Stored?
 
The 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk AnalysisThe 5 Step HIPAA Risk Analysis
The 5 Step HIPAA Risk Analysis
 
5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit5 Documents to Prepare for a HIPAA Audit
5 Documents to Prepare for a HIPAA Audit
 
Don't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your EmpolyeesDon't Let Phishing Emails Hook Your Empolyees
Don't Let Phishing Emails Hook Your Empolyees
 
What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards? What's Causing You to Store Unencrypted Payment Cards?
What's Causing You to Store Unencrypted Payment Cards?
 
Auditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing FranchiseeAuditing Archives: The Case of the File Sharing Franchisee
Auditing Archives: The Case of the File Sharing Franchisee
 
Auditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java ScriptAuditing Archives: The Case of the Evil Java Script
Auditing Archives: The Case of the Evil Java Script
 
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk ClerkAuditing Archives: The Case of the Overly Helpful Front Desk Clerk
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
 
The Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless InvestigationThe Case of the Suspiciously Flawless Investigation
The Case of the Suspiciously Flawless Investigation
 
The Case of the Mistaken Malware
The Case of the Mistaken MalwareThe Case of the Mistaken Malware
The Case of the Mistaken Malware
 
The Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit CardsThe Case of the Stockpiled Credit Cards
The Case of the Stockpiled Credit Cards
 
What Does the End of Windows XP Mean For Businesses?
What Does the End of Windows XP Mean For Businesses?What Does the End of Windows XP Mean For Businesses?
What Does the End of Windows XP Mean For Businesses?
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for Business
 
Mobile Processing: The Perfect Storm for Data Compromise
Mobile Processing: The Perfect Storm for Data CompromiseMobile Processing: The Perfect Storm for Data Compromise
Mobile Processing: The Perfect Storm for Data Compromise
 
Why Breach Protection Isn't Optional Anymore
Why Breach Protection Isn't Optional AnymoreWhy Breach Protection Isn't Optional Anymore
Why Breach Protection Isn't Optional Anymore
 
The HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your ProblemThe HIPAA Security Rule: Yes, It's Your Problem
The HIPAA Security Rule: Yes, It's Your Problem
 

Último

Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaShree Krishna Exports
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Lviv Startup Club
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...Any kyc Account
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communicationskarancommunications
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 DelhiCall Girls in Delhi
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Delhi Call girls
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.Aaiza Hassan
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...Suhani Kapoor
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insightsseri bangash
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfOnline Income Engine
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdfRenandantas16
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 

Último (20)

Best Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in IndiaBest Basmati Rice Manufacturers in India
Best Basmati Rice Manufacturers in India
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
Yaroslav Rozhankivskyy: Три складові і три передумови максимальної продуктивн...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
KYC-Verified Accounts: Helping Companies Handle Challenging Regulatory Enviro...
 
Pharma Works Profile of Karan Communications
Pharma Works Profile of Karan CommunicationsPharma Works Profile of Karan Communications
Pharma Works Profile of Karan Communications
 
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
9599632723 Top Call Girls in Delhi at your Door Step Available 24x7 Delhi
 
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
Best VIP Call Girls Noida Sector 40 Call Me: 8448380779
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.M.C Lodges -- Guest House in Jhang.
M.C Lodges -- Guest House in Jhang.
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
VIP Call Girls Gandi Maisamma ( Hyderabad ) Phone 8250192130 | ₹5k To 25k Wit...
 
Understanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key InsightsUnderstanding the Pakistan Budgeting Process: Basics and Key Insights
Understanding the Pakistan Budgeting Process: Basics and Key Insights
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room ServiceCall Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Unlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdfUnlocking the Secrets of Affiliate Marketing.pdf
Unlocking the Secrets of Affiliate Marketing.pdf
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf0183760ssssssssssssssssssssssssssss00101011 (27).pdf
0183760ssssssssssssssssssssssssssss00101011 (27).pdf
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 

How to Effectively Manage a Data Breach

  • 1. HOW TO EFFECTIVELY MANAGE A DATA BREACH 5 STEPS TO PROTECT YOUR ORGANIZATION AFTER A DATA BREACH White Paper © 2016 SecurityMetrics
  • 2. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 1 HOW TO EFFECTIVELY MANAGE A DATA BREACH 5 STEPS TO PROTECT YOUR ORGANIZATION AFTER A DATA BREACH INTRODUCTION You can’t afford to be unprepared for a data breach’s aftermath. Even organi- zations with the strictest data security and IT policies could easily go the way of recent victims like Hilton Hotels, Home Depot, and Anthem. It’s up to you to control the situation and protect your brand in the wake of a data breach’s potentially devastating hold on reputation. The following 5 steps will help you successfully stop information from being stolen, mitigate further damage, and restore operations as quickly as possible.
  • 3. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 2 1. START YOUR INCIDENT RESPONSE PLAN A business typically learns they’ve been breached in one of four ways: 1. The breach is discovered internally (via review of intrusion detection system logs, event logs, alerting systems, system anomalies, or antivirus scan malware alerts). 2. Your bank informs you that you’ve been breached based on reports of customer credit card fraud. 3. Law enforcement officials discover the breach while investigating the sale of stolen credit card accounts on the black market. 4. A customer complains to you because your organization was the last place they used their card before it began racking up fraudulent charges. If you suspect a data breach, here’s your objective: stop information from being stolen and repair your systems so a breach won’t happen again. This begins by executing your incident response plan (IRP). A well-executed incident response plan can minimize breach impact, reduce fines, decrease negative press, and help you get back to business more quickly. In an ideal world, you should already have an incident response plan prepared and employees trained to quickly deal with a data breach situation. For some reason, however, most businesses SecurityMet- rics has investigated that have been breached didn’t have an incident response plan at the time of the incursion. With no plan, employees scramble to figure out what they’re supposed to do, and that’s when big mistakes are made. (e.g., wiping a system without first creating images of the compromised systems to learn what occurred and to avoid re-infection). SET YOUR INCIDENT RESPONSE PLAN INTO MOTION IMMEDIATELY ON LEARNING OF A SUSPECTED DATA BREACH
  • 4. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 3 2. PRESERVE EVIDENCE When an organization becomes aware of a possible breach, it’s under- standable to want to fix it immediately. However, without taking the proper steps and involving the right people, you could inadvertently de- stroy valuable forensic data used by investigators to determine how and when the breach occurred, and what to recommend in order to properly secure the network against the current attack or similar future attacks. When you discover a breach, remember: • Don’t panic • Don’t let your failure to not panic lead you to hasty actions • Don’t wipe and re-install your systems (yet) • Do follow your incident response plan
  • 5. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 4 3. CONTAIN THE BREACH Your first priority at this point in time is to isolate the affected system(s) to prevent further damage until your forensic investigator can walk you through the more complex and long-term containment. 1. Disconnect from the Internet by pulling the network cable from the firewall/router to stop the bleeding of data. 2. Document the entire incident. Document how you learned of the suspected breach, the date and time you were notified, how you were notified, what you were told in the notification, all actions you take between now and the end of the incident, date and time you disconnected systems in the card data environment from the Internet, disabled remote access, changed credentials/passwords, and all other system hardening or remediation steps taken. 3. Disable (do not delete) remote access capability and wireless access points. Change all account passwords and disable (not delete) non-critical accounts. Document old passwords for later analysis. 4. Change access control credentials (usernames and passwords) and implement highly complex passwords: 10+ characters that include upper and lower case, numbers, and special characters. (Avoid passwords that can be found in any dictionary, even if you are substituting special characters in place of letter characters.)
  • 6. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 5 5. Segregate all hardware devices in the payment process from other business critical devices. Relocate these devices to a separate network subnet and keep them powered on to preserve volatile data. 6. Quarantine instead of deleting (removing) identified malware found by your antivirus scanner for later analysis and evidence. 7. Preserve firewall settings, firewall logs, system logs, and security logs (take screenshots if necessary). 8. Restrict Internet traffic to only business critical servers and ports outside of the payment- processing environment. If you must reconnect to the Internet before an investigator arrives, remove your credit card processing environment from any devices that must have Internet connectivity and process credit cards via dial-up, stand-alone terminals obtained from your merchant bank until you consult with your forensic investigator. 9. Contact your merchant processing bank (if you haven’t already) and let them know what happened. 10. Consider hiring a law firm experienced in managing data breaches. It won’t be cheap, but they may help you avoid pitfalls that could damage your brand. Your law firm may hire a forensic firm to immediately investigate and ensure you’ve properly contained the breach. If the credit card brands have issued a mandate that a forensic investigation must occur, you will be required to hire a PCI forensic investigator (PFI) to perform the investigation, even if you or your law firm has already employed a non- PFI forensic firm.
  • 7. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 6 4. START INCIDENT RESPONSE MANAGEMENT ASSEMBLE YOUR INCIDENT RESPONSE TEAM A data breach is a crisis that must be managed through teamwork. Assemble your incident response team im- mediately. (Hopefully you’ve already met and discussed roles during crisis practices and initiated your incident response plan.) Your team should include a team leader, lead investigator, communications leader, C-suite representative, office ad- ministrator, human resources, IT, attorney, public relations, and breach response experts. Each brings a unique side to the table with a specific responsibility to manage the crisis. CONSIDER PUBLIC COMMUNICATIONS Proper communication is critical to successfully man- aging a data breach, and a key function of the incident response team is to determine how and when notifica- tions will be made. Several states have legislated mandatory time frames that dictate when a merchant must make notifications to potentially affected cardholders. You should be aware of the particular laws in your state and have instructions in your incident response plan that outline how you will make mandated notifications. Identify in advance the person within your organization (perhaps your inside legal counsel, newly hired breach management firm, C-level executive, etc.) that is re- sponsible for ensuring the notifications are made timely and fulfill your state’s specific requirements. Your public response to the data breach will be judged heavily, so think this through. STALLING MAY NOT BE IN YOUR BEST INTEREST Your customers will discover if you keep important breach information from them. If the media marks your brand untrustworthy for withholding information, that la- bel could end up hurting you worse than the other effects of the data breach. Some companies fall into the, “Let’s make sure we know exactly what’s going on before we say anything at all” trap, but excessive delays in releasing a statement may be seen as an attempted cover-up. Providing some information is usually better than saying nothing at all. You can always provide updated statements as needed on your website. In all cases regarding public statements, seek the guidance of your legal counsel.
  • 8. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 7 GET YOUR STATEMENTS TOGETHER Your incident response team should craft specific state- ments that target the various audiences, including a holding statement, press release, customer statement, and internal/employee statement. These should be com- municated to appropriate parties that could potentially be affected by the breach, such as third party contractors, stockholders, law enforcement, and ultimately cardholders. Your statements should nip issues in the bud by addressing questions like: • Which locations are affected by the breach? • How was it discovered? • Is any other personal data at risk? • How will it affect customers and the community? • What services or assistance (if any) will you provide your customers? • When will you be back up and running, and what will you do to prevent this from happening again? Explain that you are committed to solving the issue and protecting your customer’s information and interests. Where you deem appropriate, you could offer an official apology and perhaps other forms of assistance such as one year of free credit monitoring. DISCLOSURES OF THE BREACH BOTH WITHIN THE COMPANY AND TO THE PUBLIC SHOULD BE IN ACCORDANCE WITH ADVICE FROM YOUR LEGAL COUNSEL MAKE SURE EMPLOYEES DON’T ANNOUNCE THE BREACH BEFORE YOU DO Poorly informed employees can often circulate rumors— true or not. As a team, establish your media policy that governs who is allowed to speak to the media. Designate a spokesperson and ensure employees understand they are not authorized to speak about the breach. Depending on your particular circumstances, you may find it beneficial to withhold from the rank and file employees the fact that your company has suffered data breach until shortly before any public statements are made.
  • 9. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 8 5. INVESTIGATE, FIX YOUR SYSTEMS, AND IMPLEMENT YOUR BREACH PROTECTION SERVICES Management of a data breach doesn’t end with your pub- lic statement. Now comes the hardest part: investigating and fixing everything. Luckily, you’re not alone. Your PFI will perform the majority of the investigation and then provide recommendations on how to repair your environ- ment to ensure this doesn’t happen again. BRING AFFECTED SYSTEMS BACK ONLINE After the cause of the breach has been identified and eradicated, you need to ensure all systems have been hardened, patched, replaced, and tested before you consider re-introducing the previously compromised systems back into your production environment. During this process, ask yourself these questions: • Have you properly implemented all of the recommended changes? • Have all systems been patched, hardened, and tested? • What tools/reparations will ensure you’re secure from a similar attack? • How will you prevent this from happening again? (Who will respond to security notifications and be responsible to monitor security, Intrusion Detection System, and firewall logs?) SET YOUR BREACH PROTECTION SERVICES INTO MOTION It’s now time to enact your breach protection services, if you have one. This is a data breach reimbursement program that helps cover some of the costs of data breach. Breach protection can alleviate an enormous amount of stress surrounding data breaches, as you’ll know you won’t have to bear the entire brunt of expenses related to the breach (and there are a lot of expenses).
  • 10. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 9 BE PREPARED FOR THESE COSTS Obviously, the financial examples presented below will change based on: your size, how many customer cards were stolen, how hackers got into your organization, if you were willfully aware of your vulnerabilities, whether you have breach protection services etc. Data breaches have serious financial consequences. If breached, you may only be liable for a few of these fines, or you could be expected to pay even more than listed below. It all depends on the size of your breach. Along with possible legal fines, federal/municipal fines, increased monthly card processing fees, you may have to pay for the following: Merchant processor compromise fine: $5,000 – $50,000 Card brand compromise fees: $5,000 – $500,000 Forensic investigation: $12,000 – $100,000 Onsite QSA assessments following the breach: $20,000 – $100,000 Free credit monitoring for affected individuals: $10 – 30/card Card re-issuance penalties: $3 – $10 per card Security updates: $15,000+ Lawyer fees: $5,000+ Breach notification costs: $1,000+ Technology repairs: $2,000+ TOTAL POSSIBLE COST: $50,000 – $773,000+ MAKE SURE IT DOESN’T HAPPEN AGAIN A key part of a successful breach response is what you learned from the breach. After the dust has settled, assemble your incident response team once again to review the events in preparation for the next attack. Incorporate the lessons you’ve learned and ask, “How can we improve the process next time?” And then revise your incident response plan. Don’t forget to communicate your commitment to data security to the media, even after you’ve repaired the damage.
  • 11. HOW TO EFFECTIVELY MANAGE A DATA BREACH | 10 CONCLUSION If you don’t have a data breach incident response plan, making one should be a top priority. Then practice and review your plan. Without annual desktop run-throughs and simulation trainings, your staff will panic in the face of a data breach. Suffering a data breach is one of the most stressful situations a business owner or organization can endure, but it doesn’t have to be the end of your business. Greet it with a solid and practiced incident response plan to avoid significant brand damage. ABOUT SECURITYMETRICS SecurityMetrics has helped over 800,000 organizations comply with PCI DSS, HIPAA, and other mandates. Our solutions combine innovative technology that streamlines compliance validation with the personal support you need to fully understand compliance requirements. CONSULTING@SECURITYMETRICS.COM 801.705.5656