Adam Montgomery: Cybersecurity Breach Preparedness and Prevention
By Adam Montgomery
Cybersecurity breaches are a growing threat to individuals and businesses. Risks abound from the actual breach and the response to it. There have been many notable companies to suffer high-profile cybersecurity incidents and their responses to those breaches helped determine whether the damage was a short-term blip or a long-term financial and reputational hit.
The very real financial, legal and reputational risks associated with breaches require business leaders to take a very close look at not only how they are attempting to prevent a cyber incident, but also how prepared they are to manage an incident after it occurs.
As long as cybercriminals have access to the internet they will seek ways to exploit points of weakness in an organization for their own gain. To protect their bottom line and reputation, businesses must take critical steps to protect data and sensitive personal information such as names, Social Security numbers, driver’s license numbers, credit card numbers and other personal information of their employees and customers by:
Training Employees. More than 60 percent of all cyberattacks are a result of employee actions. Whether the employees unwittingly fall prey to phishing or are active participants in an attack, they are almost always the weakest link in an organization’s security posture. Company management should not only ensure employees are aware and compliant with the standards of use within their corporate network, but also understand the threats they are likely to face so they’re better prepared.
Destroying and Reducing Collection of Personal Information. Collect and keep only the bare minimum personal information required for business operations.
Limiting Access and Encrypting Data. Entrust a minimum number of highly qualified employees with access to unencrypted personal information. A proper system of checks and balances will help safeguard data and deter inappropriate actions by employees.
Investing in Highly Secured Systems. Use sophisticated firewalls, encryption and VPNs to protect company networks, computers and portable devices against unauthorized access. Redundant security measures can help safeguard personal data from outside attacks. The use of multi-factor authentication not only for your employees, but also customers when interacting with your network is also important.
The time for a business to figure out how it will respond to an incident is not as one is happening. There are too many decisions that need to be made at senior levels to clearly think through the degree of detail and nuance needed for an effective, timely response. A detailed crisis plan enables company leaders to respond quickly and methodically to emotional and rapidly changing situations. Appropriate steps in any crisis plan include the following:
Identify Key Areas of Risk. Cyber threats can come from nearly any direction, but focusing preparation efforts on the most likely and potentially damaging threats to the business will not only help to prepare for those circumstances, but will also provide key elements that could be applied to most other circumstances.
Define Key Processes and Procedures. One of the hardest questions to answer in the heat of a crisis can be the first – “what do we do?” One of the most important components of any issues or crisis preparation program is figuring out who will do what, when and how. Outlining ahead of time the individual functions, core project leads and also defining details like how and when senior leadership would be expected to weigh-in greatly increases the effectiveness and efficiency of a response plan.
Practice, practice, practice. The best way to find out if your plan will stand up to a real world situation is to practice. Organizations should rehearse their issues and crisis management processes and procedures every year if not every six months. This not only helps to identify potential weak spots that might work better in theory than in practice – but also helps clearly define the expectations of those participating in the process.
Companies must attempt to minimize the loss of trust and protect its reputation from a breach or similar cybersecurity events. They should work in advance of potential problems to ensure full integration on the response team, codifying as much of the decision-making and messaging as possible. After a breach a structure must already be in place to help the C-suite, legal counsel, communications, IT and forensics to identify response strategies that best protect the organization and reassure stakeholders.
Human nature and human error ensure that cybersecurity breaches will continue. Business leaders should take important steps to prevent them and prepare to respond appropriately if and when they occur. Actions following a breach can help determine a company’s future performance and reputation.
Adam Montgomery is a member of the Privacy and Cyber Risk Practice Leadership Team in FleishmanHIllard’s St. Louis Office. For more information about crisis management and cybersecurity communications related services contact the FH Crisis Response Team.