How to Respond to a Network Breach

Posted by Mark Jennings - February 18, 2016 - Tech Trends, Compliance

Vector_4398.jpg

With hacking techniques getting more creative than ever, it has become increasingly hard to avoid data breaches.With 94% of employees, across a variety of companies, relying on the internet for their job, according to Pew Research Center, it only makes sense that data security threats are at an all-time high. So what happens when you find yourself a victim of a network breach? 

First, focus on the problem. The first step must be to find the problem and cut off the breach. Whether it’s through your website or an employee’s email, check every possible avenue. It’s important to isolate the problem so that it doesn’t spread throughout your entire network.

Second, move quickly. Once your network has been breached, there is no time to waste. It only takes a matter of minutes for hackers to access private data. Notify your IT department immediately if you suspect that there may be a problem. Don’t have an IT department? We’ll come back to that.

Next, assess the damage. What information was affected, who was harmed, who needs to know, what action needs to be taken? In some cases, a phishing or baiting attack may have been caught early enough to mitigate internally. If sensitive information was breached or malware introduced, you may need to involve a cyber-security firm or law enforcement.

Depending on the scale and spread of the breach, you may need to decide whether to shut down your system completely. Once you shut your system down, it means the hackers will know that they have been caught, which makes it harder to track them down. However, if you choose not to shut down, the hackers keep working, but you have a better chance of catching them and getting a better idea of the scope of damage done.

Once the breach has been mitigated, there’s the question of how to continue on.

Depending on the severity of the breach, you may need to call in an experienced IT company that can analyze the gaps in your security and help rebuild a more secure network. It’s crucial at this point to consult your team of experts about steps for the future and how you can prevent another data security breach.

Designing a secure network environment for your company is more than just updating your operating system or ensuring that your firewall is working, though those things definitely help.

The right IT professionals, whether they’re in-house or outsourced, will take a 360° view of your organization, taking care to customize the solutions they recommend to your specific needs and circumstances. Work with your team to develop a plan that takes into account the changing nature of cyber threats (zero-day vulnerabilities and IoT are virtually household names today but were unheard of outside tech circles in the past) and risks that have little to do with technology (social engineering is all about leveraging human gaps in your security).

Implement the new plan throughout your company. This means walking your employees through your new data security plan, alongside your tech experts. Training your employees on proper internet procedures is one of the best ways to secure your network. As mentioned in our previous post, social engineering tactics are often aimed at taking advantage of employees.

Peter Suber, Director of a U.S. project aimed at finding open access for research puts it this way: "We can be sure that privacy technology, like encryption, will continue to improve in ease and power—but so will privacy-penetrating technology. It is an arms race today, and I do not see that changing anytime soon. There will always be smart and motivated people on both sides.”

It’s no secret that cybercrime is not going away and will only continue to grow. Our society relies on technology for just about everything in today’s world. Technology is changing how companies operate as it becomes an integral part of daily responsibilities and operations.

This can only mean that establishing a secure network is more crucial than ever – and finding the right experts to do so. To learn more about how to put in place a layered security model to reduce risk, check out our latest eBook.

layered IT security model ebook

about the author

Mark Jennings

Mark Jennings is SymQuest’s Area Vice President of IT Sales. Jennings works with SymQuest’s sales and service teams to educate customers on current best practices around data protection, disaster recovery, security, and overall technology planning.

Mark Jennings
LinkedIn

Comments