5 Common Failures Companies Make Regarding Data Breaches

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Common Failures Companies Make Regarding Data Breaches-3 Next

Emerging Threats

Failure #2: Not anticipating emerging threats that complicate breaches.

Companies are often unprepared or underprepared to respond to emerging threats such as ransomware. While ransomware is not new, both the technology itself and the regulations on reporting it are continuously evolving. New versions of ransomware can have implications beyond just losing access to systems or documents, and can now leave behind malware that could cause a breach down the road. On the regulatory side, organizations that fall under HIPAA are now required to report all ransomware attacks. This guidance, released by the Department of Health and Human Services Office of Civil Right in July 2016, is a result of the fact that it can be unclear whether or not data was accessed during the time of the ransomware attack.

As a best practice, all companies should revisit their response plan to ensure that it includes, at the very least, a response to even basic ransomware attacks, as well as a plan for reporting the attack to regulators, as reporting can help mitigate the impact of related breaches in the future.

Over the last few years, data breaches have become a regular occurrence for most consumers. By now, the average person has either been directly impacted by a data breach or knows someone who has. As a result of this increase in data breach awareness, companies that experience a breach are under much greater scrutiny today than ever before. Companies are no longer judged by whether they have a breach, but rather on how they respond when a breach occurs. 

While according to the Ponemon Institute 81 percent of companies have data breach preparedness plans in place and understand the basic procedures for responding to an incident, the actual execution of a plan during a breach can present even the most seasoned companies with challenges. It is no longer enough to just have a plan in place, companies today need to ensure they are continually examining the current data breach landscape in order to identify new threats, ensure they have captured best practices and are watching for common mistakes to avoid.

Based on experience servicing some of the largest data breaches to date, Michael Bruemmer, vice president, Experian Data Breach Resolution, has identified five common failures he sees companies making when preparing for, and responding to, a data breach, and outlined guidance for companies on how they can tackle these issues.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.