5 Common Failures Companies Make Regarding Data Breaches

1 | 2 | 3 | 4 | 5 | 6 | 7
Next 5 Common Failures Companies Make Regarding Data Breaches-3 Next

Emerging Threats

Failure #2: Not anticipating emerging threats that complicate breaches.

Companies are often unprepared or underprepared to respond to emerging threats such as ransomware. While ransomware is not new, both the technology itself and the regulations on reporting it are continuously evolving. New versions of ransomware can have implications beyond just losing access to systems or documents, and can now leave behind malware that could cause a breach down the road. On the regulatory side, organizations that fall under HIPAA are now required to report all ransomware attacks. This guidance, released by the Department of Health and Human Services Office of Civil Right in July 2016, is a result of the fact that it can be unclear whether or not data was accessed during the time of the ransomware attack.

As a best practice, all companies should revisit their response plan to ensure that it includes, at the very least, a response to even basic ransomware attacks, as well as a plan for reporting the attack to regulators, as reporting can help mitigate the impact of related breaches in the future.

Over the last few years, data breaches have become a regular occurrence for most consumers. By now, the average person has either been directly impacted by a data breach or knows someone who has. As a result of this increase in data breach awareness, companies that experience a breach are under much greater scrutiny today than ever before. Companies are no longer judged by whether they have a breach, but rather on how they respond when a breach occurs. 

While according to the Ponemon Institute 81 percent of companies have data breach preparedness plans in place and understand the basic procedures for responding to an incident, the actual execution of a plan during a breach can present even the most seasoned companies with challenges. It is no longer enough to just have a plan in place, companies today need to ensure they are continually examining the current data breach landscape in order to identify new threats, ensure they have captured best practices and are watching for common mistakes to avoid.

Based on experience servicing some of the largest data breaches to date, Michael Bruemmer, vice president, Experian Data Breach Resolution, has identified five common failures he sees companies making when preparing for, and responding to, a data breach, and outlined guidance for companies on how they can tackle these issues.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

PAM PAM Solutions: Critical to Securing Privileged Access

To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ...  More >>

Fake news How Can We Fix the Fake News Problem?

Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ...  More >>

blockchain The World According to Blockchain

Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ...  More >>

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.