What Not To Do In a Data Breach
As with any catastrophic or unplanned event, how you respond in the first few moments directly affects your chances of emerging from the incident with minimal impact for all involved.
From small businesses to large corporations, cyber threats are imminent. As an owner, manager or employee, you will likely encounter a cyber attack in some form. As human resources departments become more technologically inclined and digitize data and personal information, data stored in the cloud (i.e. off-premises) becomes a valuable target. It’s vital to know how to respond to such an incident and what consequences will ensue.
There are many resources advising executives, PR, and HR departments on how to handle these unfortunate occurrences, but it may be just as helpful to know exactly what not to do in the case of a data breach.
1️⃣ Don’t Forget Your Customers
In many cases, customer data (i.e. Personally Identifiable Information, or PII) is the target of cyber attacks. In this case, businesses are required by law to inform those customers who may have been affected. The consequences of identity theft can be costly and long-lasting, so be sure to follow up with your customers after the initial message explaining the incident. Though your customers don’t need to know everything, consistent and transparent updates will remind them that you care about the risk they’ve been exposed to and that you aren’t ignoring the inconvenience you have put them through.
One of the most damaging effects of a data breach is the hit that your brand image and customer relations take as a result. It’s important to show accurately that you are doing everything you can to manage the incident and are acting in your customers’ best interest.
2️⃣ Don’t Forget Your Employees
75% of data breaches happen internally. Even if your most recent attack was not internal this time, you should still protect yourself from a potential internal attack in the future. An internal breach doesn’t necessarily mean that it was done purposefully by someone within your organization; more likely, an employee’s device was compromised. Encourage your employees to start implementing common-sense security practices, such as using a passcode on all devices and updating strong, complex passwords every six weeks.
Employees may also benefit from using trusted antivirus software. Your employees may be more willing to make an effort to use these safe practices if they know that employee information stored within the cloud is also a common target for hackers.
3️⃣ Don’t Exaggerate
Many organizations will exaggerate the severity of the attack to make it sound like they were hacked by extremely sophisticated software, hoping to make it appear as though there was nothing they could do. Trying to divert the blame is never a good tactic in any situation.
By exaggerating, you could create more panic in customers than necessary. Also, the larger you claim the attack to be, the more attention your business’s incident will get, which will make it harder to retain your brand image.
4️⃣ Don’t Move On Too Quickly
Being thorough is the best thing you can do throughout every aspect of a data breach. When it comes to actually treating the breach itself, be sure to take the time to confirm that all endpoints are closed and that any and all ports of entry are secured. This can take some time to confirm and may involve various intrusion assessments to ensure your computer and corporate IT assets are invisible to port scanners (hackers looking for open ports on your computer).
Regardless of the type of attack, you must learn something from the attack. Take the opportunity to develop a new security plan with the information you learn from the experience.
* * *
One of the most important qualities in a company that will be recognized in a severe data breach is transparency. This means being open with the who, what, when, where and why of the happenings.
Of course, not all information can or should be divulged to the general public, but any sort of effort to keep the incident quiet always tends to backfire. Taking your time before declaring that the threat is extinguished and the problem is solved is also key to coming out of a breach unscathed.