5 Common Failures Companies Make Regarding Data Breaches
|
 |
|
Potential Litigation
Failure #4: Not thinking about response through the lens of potential litigation.
Even with 81 percent of companies having a response plan, 72 percent of security officers do not think their organization’s plan would be effective in reducing the likelihood of lawsuits (Ponemon Institute). As the legal backdrop around data security continues to evolve, these concerns are not unfounded. Recent legal cases provide plaintiffs with more standing, therefore opening up companies to a greater risk for litigation and settlements. For example, in the P.F. Chang Class Action Suit the court ruled that the plaintiffs had standing since P.F. Chang’s statements following the breach suggested customers take protective remediation measures, such as monitoring their credit, inferring that customers were at risk of identity theft or fraud.
Closely monitoring actions taken by attorneys general and new case law can help companies as they continue to build their incident response plan.
Over the last few years, data breaches have become a regular occurrence for most consumers. By now, the average person has either been directly impacted by a data breach or knows someone who has. As a result of this increase in data breach awareness, companies that experience a breach are under much greater scrutiny today than ever before. Companies are no longer judged by whether they have a breach, but rather on how they respond when a breach occurs.
While according to the Ponemon Institute 81 percent of companies have data breach preparedness plans in place and understand the basic procedures for responding to an incident, the actual execution of a plan during a breach can present even the most seasoned companies with challenges. It is no longer enough to just have a plan in place, companies today need to ensure they are continually examining the current data breach landscape in order to identify new threats, ensure they have captured best practices and are watching for common mistakes to avoid.
Based on experience servicing some of the largest data breaches to date, Michael Bruemmer, vice president, Experian Data Breach Resolution, has identified five common failures he sees companies making when preparing for, and responding to, a data breach, and outlined guidance for companies on how they can tackle these issues.
Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance
PAM Solutions: Critical to Securing Privileged Access
To protect the company from those insiders who abuse their privileged access and from hackers with stolen credentials, many companies are turning to a privileged access management (PAM) solution. ... More >>
How Can We Fix the Fake News Problem?
Is fake news a security issue? Some say yes, as it can be used as a social engineering tool to spread disinformation and conceivably to get unsuspecting users to click on malicious links. ... More >>
The World According to Blockchain
Blockchain comes with many costs and is surrounded by confusion. Here, we examine realistic use cases, drawbacks and the potential of blockchain. ... More >>