Six Steps for Dealing with a High-Level Data Breach

Share  
1  |  2  |  3  |  4  |  5  |  6  |  7  |  8  |  9
Previous Next

Click through for six steps organizations should take when faced with a data breach, as identified by Anthony DiBello, strategic partnerships manager, Guidance Software.

Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

Sue PorembaThe Department of Energy was hacked. Again. It is the second time this year that the DOE was the victim of a breach. The breach took place in, and it is believed that the personally identifiable information (PII) of 14,000 present and former employees was potentially compromised.


Defense contractor Northrop Grumman recently announced that it, too, suffered a similar breach.

In both cases, because of the type of information affected, the hackers may have been doing little more than data mining for valuable-on-the-black-market PII. Or it could be the hackers were looking for more, like the ability to access data involving the critical infrastructure or national security stored on the organizations’ networks. We don’t know, and we won’t know, as Anthony DiBello, strategic partnerships manager, Guidance Software, pointed out to Sue Marquette Poremba in an email, without a complete forensic analysis of the compromised systems. He went on to say:

When incidents like this happen, people are very eager to get their systems and machines back online and working. This may cause serious loss to the forensic artifacts and the evidence to determine exactly what happened.

After a breach, DiBello added, an organization should take the time to learn what happened, and leverage the lessons learned to improve their systems. Otherwise, they may leave themselves vulnerable to another, similar attack. So DiBello provided the following tips on how to best manage breaches like this.

 

More Slideshows

Misc40-290x195 Ten Vulnerabilities that Impact Enterprise Cloud Apps

With increased popularity comes more attention from malicious hackers trying to access PII and other sensitive data. It's more critical than ever before to understand how -- and where -- you're storing your data, and the variety of vulnerabilities can exist in the apps in your network. ...  More >>

Security45-290x195 Cyber Crime: Law Enforcement Fights Back

While cyber crime continued to dominate headlines and wreak havoc on organizations of all sizes across nearly every industry in the first half of 2014, it's refreshing to note law enforcement also stepped it up. ...  More >>

Security44-290x195 August Patch Tuesday: IE Vulnerabilities and Enforcement of 8.1 Update

The patches released by Microsoft for the August Patch Tuesday include nine bulletins (two critical and seven important) and cover 38 CVEs. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.