What To Do When Your Company Network Is Hacked

I have written many articles and blogs warning about the cost to a company from a security breach.

Ben Worthen, a staff reporter in The Wall Street journal’s San Francisco bureau, wrote a great article “What to Do if You’ve Been Hacked” on September 26, 2011, where he has highlighted some key things to do. All the points are excellent but the #1 “to do” is to not ignore the attack and hope it goes away. It won’t!

Here is some advice if your company network has been hacked:
Don’t unplug the affected computer because it can erase key evidence stored in computer memory and not on a hard drive, but do disconnect the it from the network.

Call in post-breach forensic security experts for the investigation as soon as you discover the attack. If your IT people, police, etc. are not properly trained key evidence can be destroyed.

Maintain a chain of custody to show you are following appropriate procedures in dealing with the breach. This can help with both legal issues and privacy protection compliance issues.

Determine if the breach has infected other computers and other servers. Again the pros will have to do this.
Remove the infection by cleaning all data, updating all anti-malware programs and maybe even scrubbing the computer’s hard drive and re-installing the OS and apps from scratch.

Determine how many data files were affected. The last thing a company wants to do is report a breach that then has to be modified up or down.

Determine who to tell and how can be as devastating to a company as trying to figure out how the breach occurred in the first place. With forty-six different state laws, numerous federal laws, and figuring out which ones apply also requires specialists.

Finally, apologize to your customers. Make them feel that they are important and your respect their privacy. Otherwise you risk lost customers, wasted money to acquire customer in the first place and law suits.

With just these eight points you should start to understand why the average cost to a company from a data breach is now at $7.2 million per incident. While there is no way to guarantee that a company will not experience an attack, just a few simple tasks will help:

Know the four points of vulnerability; Building, employee, computer and network.

Bring in a security analysis team to evaluate all these points of vulnerabilitiesr
Develop a plan ahead of time on how to respond to a breach. Companies practice fire drills why not data breach drills.

Train your employees about security and what to watch out for. Hey it’s their jobs too on the line.

Buying breach insurance is important, but to qualify the company has to have first put in place security and had completed a security analysis.

With so many ways customers personal information can be compromised, the best a company can do is to place enough barriers to makes thieves look for easier prey.