Yeo Siang Tiong, general manager for Southeast Asia at global cybersecurity firm Kaspersky, says the company has some recommendations to ensure businesses can get back on track sooner following a data breach, strengthening their IT security operations.
1. Assess the situation
Assess the risk to customers from the data breach. Risk assessment lets you decide the next steps, including whether to report the breach. If it's a high risk to customers, you must inform them without undue delay.
2. Keep your CISO
Unless the incident can be directly attributed to an irreversible failure on the part of the chief information security officer (CISO), don't fire him or her to appease customers or shareholders. Your CISO will have the experience and knowledge you need to see you through this issue.
3. Be transparent and helpful
Don't try to cover up the breach or hide details from those affected. When you tell customers what happened, give them advice on what to do next.
4. Make sure you notify everyone affected
If you're processing data for other organisations, don't forget to tell them about the breach. They will have steps they must take too.
5. Document everything
Document every data breach, even if you don't have to report it. Record what happened, the steps you took and why the breach was or was not reported.
6. Invest in building a cyber-aware culture
Strengthen cyber-awareness training for all employees.
7. Plan your breach recovery strategy
The best time to prepare for your recovery from a breach is before it happens. Take one step today, perhaps starting by looking at how your organisation would detect a breach, or how you can test the detection capabilities you have.
For individuals, Kaspersky offers a step-by-step guide detailing all of the measures needed if you believe you've been a victim of a personal data breach.
1. Figure out what data was breached and check for updates
If you received a notification from a company stating that your information may have been exposed, or perhaps you saw information about a leak in the media, you should check with the company and ask them what type of information that includes. The most common forms of stolen personal data are name, email, password, phone number, ID number, address and credit card information.
2. Update any exposed credentials
Change your password right away when in doubt. If you have reused your password on multiple sites, it is important to update all logins and follow good password hygiene. In general, it is best practice to have multiple passwords that are updated regularly (every three to six months).
3. Sign up for two-factor authentication
Double your online security by signing up for two-factor authentication wherever the option is available.
4. Monitor all of your accounts
One set of exposed credentials can be easily cross-checked across many different websites, social media pages and subscriptions/memberships. It is important to watch for any strange activity in your accounts, such as new purchases, password changes and logins from different locations.
5. Protect your financial privacy
If payment information was leaked as part of a data breach, you should ask your bank to lock or pause your cards right away and send you a replacement. If your financial details have been exposed and you have noticed changes, you should take steps to freeze your credit. There is no cost incurred by doing this and it will prevent malicious actors from opening new credit accounts in your name.