This is the first of four articles by Strauss Troy about cybersecurity preparedness and response.
A cybersecurity or data breach is a security violation that exposes protected or confidential information to an unauthorized individual or group. As more and more jobs operate in a connected (and sometimes remote) environment, the opportunity for data breaches increases, through both technology vulnerabilities and user behavior.
Not Just an IT Problem
When we think of data security, we tend to think of it as an IT problem. However, data security isn’t just limited to the IT department—it’s a problem that affects the whole business. Data security must start with a commitment by everyone in the company to fund, enforce, and comply with the measures necessary to protect data.
Small businesses are disproportionately affected by data breaches. The median size of companies that fell victim to a cyberattack in Q3 2020 was 234. The biggest losses to companies are business interruption costs, with companies experiencing an average of 21 days of downtime.
What do companies need to consider when addressing cybersecurity issues? First, consider whether adequate security measures are in place. If a breach were to occur, is there an action plan in place to quickly respond?
When a breach occurs, prepared companies should be ready to respond with several actions. A good security incident response plan should involve more than just IT; it should include a multidisciplinary team that brings in expertise from areas such as:
- IT
- Senior Management
- PR/Communications
- Legal counsel
- Forensics
- Data analytics
- Threat Actor communication/negotiation
Have an Incident Response Plan
If a breach happens, the first priority is to stop the attack and mitigate any unauthorized access to the company’s network or data. Immediately after the breach is remediated — or sometimes while it’s happening – it is important to begin to assemble your team that will guide the company through its response to the incident. The response should be guided by a written incident response plan that takes into consideration the unique characteristics of your business.
It’s also important begin to analyze what data was compromised. The information contained in the compromised data – social security numbers, credit card numbers, personal health information – will largely dictate the response required.
In Part II of this series, we’ll discuss how to handle the forensics of a data breach and how that investigation impacts your required response and potential liability. In Part III, we’ll review the legal implications of data breaches, including civil lawsuits and liability for third party breaches. In Part VI, we will discuss the direct and indirect costs of a data breach to your company.
As cybersecurity breaches—and the damage they inflict to businesses—continue to become more commonplace, the attorneys at Strauss Troy can help you prepare for and respond to potential cyberscurity threats.