Data breaches are costing organizations lots of money. Research shows that the average cost of a data breach is $1.23 million for organizations and $120,000 for small-medium businesses; both numbers have increased from last year.
Source: Ponemon Institute
There are many factors that contribute to the cost of a data breach. For example, a large data breach leads to a higher cost. Other expenses include time taken to identify and confine the breach, lost business, improving software and infrastructure, insurance increases and fines.
What is a data breach?
A data breach is when sensitive or confidential information is accessed in an unauthorized way. This information can include medical records, SINs, home addresses, patents and new product plans. A recent example of a data breach is the hacking of Ticketfly. Approximately 26 million users had their personal information posted onto a public server. Ticketfly shut down their website in response to the hack, which they put offline for about a week.
Data breaches aren’t always caused by hackers. Sometimes a company can leak their own data due to human error. A bank in Australia once accidentally sent data of 10,000 customers to the wrong e-mail address.
Dealing with the aftermath of a data breach is tough, but here are some steps you can take if you experience one.
What to do when you experience a data breach
As soon as you are aware of a data breach, you should act immediately to stop the threat. Identify what data has been compromised and find out which systems are affected. Try to gather as much information as you can and document everything.
Once you find out what is wrong, take the necessary steps to fix the problem. If there’s a virus, isolate the infected system so that it does not spread to other parts of the network. You may not be able to fix everything right away, but it’s important to mitigate the damage by fixing what you can.
Inform employees, stakeholders, authorities and customers about the breach. Create a communication plan to address issues of what was taken, who was affected and how the breach happened. Prepare to address the media and/or an influx of customer inquires. Be clear about what steps you are taking to resolve the issue.
Assess and monitor
Continue to monitor the situation to ensure that there are no other underlying problems. Assess your systems for hidden malware or other viruses.
Learn from your mistakes
News of a data breach can hurt your reputation and cause you to lose customers. Make sure you show them and the people in your company that you take security seriously. Find out what went wrong with your data breach and do your best to make sure that it will never happen again.
It’s easiest to act after a data breach when you already have a security response plan in place. At Jolera, we offer Cyber Security Risk Assessments that can help you determine how you can improve your security infrastructure. Check out our Consult-I.T.™ services for more information.