January 3, 2016

7 Steps to Safeguard Your Corporate Data – The Executive Breach Blanket

Another year, another week, another data breach. Despite a rash of hacking incidents at Home Depot, Target and even J.P. Morgan, where 76 million households had their contact information stolen, it would appear C-level executives aren’t doing enough to safeguard consumer information.

According to a study conducted by the Ponemon Institute entitled ‘The Importance of Senior Executive Involvement in Breach Response’, released in October 2014, more than 70 percent of executives think their organisation only partly understands the risks to which it could be exposed, and only 45 percent believe they are accountable for the incident reporting process.

Despite the media coverage, there has been relatively little consumer outcry beyond a collective yawn, given the numerous data breaches of the past few years. Outside of some high-profile resignations, most C-level executives view a data breach as part of the cost of doing business and an inevitability. So it’s business as usual across the boardroom.

According to the Ponemon study, the financial consequences of a breach can be particularly severe. The annualized cost for the 59 US companies in the study is $12.7 million per year, with a range from $1.6 million to $61 million per company. The average cost for the 38 UK organizations is £3.56 million per year, with a range from £544,964 to £14 million. One thing is clear — CEOs need to put security on their strategic agendas alongside revenue growth and the other issues discussed in boardrooms.

Breached Birth: How to Ensure Your Incident Response Is Not Stillborn

An executive data breach plan is designed to manage the negative impact of an incident based on what is known about the technical damage and the potential business outcomes. Here is the 7-step plan that must be in place and always ready to be put into action should a breach disclosure become necessary:

1. Continuous monitoring and detection—Most companies have detection protocols and processes in place, but the key to identifying and responding to an issue both quickly and effectively is early detection. For a breach that will require public disclosure, the response plan must trigger the right alerts to pre-assigned executives and internal resources to ensure a fast and effective corporate response.

2. The triage phase—Analyze, categorize and correlate the available information to prepare an accurate assessment and response. Once you have determined the severity of the breach, you can delegate remediation and response actions to the appropriate incident response teams. This phase is crucial to coordinating the technical response groups and creating your final response plan.

3. Technical response—Trigger the technical resource teams within your IT department to contain, resolve or mitigate the incident, and to carry out the actions needed to repair and recover affected systems or data.

4. Management response—Direct involvement of senior executives wherever intervention, notification, interaction, escalation or approval is required as part of the response. This includes coordinating with corporate communications on any human resources, public relations, financial accounting, audit and compliance issues.

5. Communications response—Management directs the release of breach information, to both internal and external constituents, after consulting the corporate communications staff. This may cover any issues related to human resources, public relations, financial accounting, audits and compliance.

6. Legal response—The legal response, if required, works with outside regulators and other parties. In addition, legal input is required for any external communications, in accordance with company policy and any statutory or regulatory requirements.

7. Incident closing—After the incident has been contained, eradicated or mitigated, all relevant data must be collected, documented and preserved. An after-incident report and, subsequently, a lessons-learned session should be conducted to identify efficiency improvements in the processes or techniques used for remediation.

Stay Alert

The challenge of an effective executive data breach response is identifying appropriate experts within the ranks. For most organizations, this will prove difficult. Consider engaging expert, established service providers with the resources to create a response plan that is robust both technically and operationally. Providers such as Hewlett Packard Enterprise can assist your organization with a complete security portfolio, and work with you to improve your security processes and operations every step of the way.

Visit Hewlett Packard Enterprise’s Executive Breach Response to take the assessment and evaluate your enterprise’s ability to respond to a security breach.