5 Common Failures Companies Make Regarding Data Breaches

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Common Failures Companies Make Regarding Data Breaches-3 Next

Emerging Threats

Failure #2: Not anticipating emerging threats that complicate breaches.

Companies are often unprepared or underprepared to respond to emerging threats such as ransomware. While ransomware is not new, both the technology itself and the regulations on reporting it are continuously evolving. New versions of ransomware can have implications beyond just losing access to systems or documents, and can now leave behind malware that could cause a breach down the road. On the regulatory side, organizations that fall under HIPAA are now required to report all ransomware attacks. This guidance, released by the Department of Health and Human Services Office of Civil Right in July 2016, is a result of the fact that it can be unclear whether or not data was accessed during the time of the ransomware attack.

As a best practice, all companies should revisit their response plan to ensure that it includes, at the very least, a response to even basic ransomware attacks, as well as a plan for reporting the attack to regulators, as reporting can help mitigate the impact of related breaches in the future.

Over the last few years, data breaches have become a regular occurrence for most consumers. By now, the average person has either been directly impacted by a data breach or knows someone who has. As a result of this increase in data breach awareness, companies that experience a breach are under much greater scrutiny today than ever before. Companies are no longer judged by whether they have a breach, but rather on how they respond when a breach occurs. 

While according to the Ponemon Institute 81 percent of companies have data breach preparedness plans in place and understand the basic procedures for responding to an incident, the actual execution of a plan during a breach can present even the most seasoned companies with challenges. It is no longer enough to just have a plan in place, companies today need to ensure they are continually examining the current data breach landscape in order to identify new threats, ensure they have captured best practices and are watching for common mistakes to avoid.

Based on experience servicing some of the largest data breaches to date, Michael Bruemmer, vice president, Experian Data Breach Resolution, has identified five common failures he sees companies making when preparing for, and responding to, a data breach, and outlined guidance for companies on how they can tackle these issues.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.