10 Steps to Prepare for a Security Breach
We have to ask ourselves: what can we do to protect our organizations? In his book “Scouting for Boys” (1908), Robert Baden-Powell, founder of the Boy Scouts, wrote:
“Be Prepared… the meaning of the motto is that a scout must prepare himself by previous thinking out and practicing how to act on any accident or emergency so that he is never taken by surprise.”
Our goal should be not only to prevent security breaches, but to prepare for them and to manage them so that their impact on the organization is as small as possible. It is critical to be realistic about the environment and to acknowledge that our organizations take risks in order to achieve their objectives. Security is never perfect, but we can all do better, and we need to take the necessary steps to “Be Prepared.”
What types of personal data breach exist? (CIA)
- Confidentiality breach: personal data is disclosed to, or accessed by, someone not authorised to see it.
- Integrity breach: personal data is altered without authorisation or by accident.
- Availability breach: personal data is lost or destroyed, or access to it is lost, accidentally or unlawfully.
It is apparent from the above that the concept of a personal data breach is closely linked to the GDPR principle of integrity and confidentiality of personal data (with availability as the third dimension). A wide variety of personal data breaches can therefore occur: losing a laptop or USB drive that contains personal data, an attack on an IT system, or even sending a letter or an email to the wrong recipient.
Why is it so important that a data breach is handled as soon as possible?
Recital 85 of the GDPR states that “a personal data breach may, if not addressed in an appropriate and timely manner, result in physical, material or non-material damage to natural persons,” such as (among others):
- Loss of control over their data or limitation of their rights
- Identity theft or fraud
- Financial loss
What should you do if a personal data breach occurs?
The data controller has several tasks when a personal data breach is noticed, and the time to work out who does what is before the breach, not during it. Below are ten data breach response steps to help you build a plan quickly:
- Don’t wait for a breach to get ready.
- Understand your business, and what is critical, important, and meaningful. Document where those important things are stored, how they’re protected, and what the cost and impact are if they’re lost or stolen.
- Prioritize Security Awareness Training internally. Ensure that employees across all levels of your organization understand that it is their job to help support the company’s security posture.
- Create policies, procedures, and guidelines for handling information security incidents. Define communication practices that cover your legal department, staff, law enforcement and customers. Develop and document escalation paths and decision authority, so that it is clear in advance who can take a system offline, who talks to regulators and who talks to customers.
- Ensure you have visibility into the critical activity and behavior in your environment. Review how you are receiving and digesting this information, as well as which stakeholders within your organization receive, provide input on, or action the data.
- Make incident detection and analysis a core competency for your security program. Visibility into the data and events occurring on the network and within the data repositories is critical since preventative controls can fail.
- Develop and understand your capacity for response. Hire, contract, or allocate resources that are trained and have the necessary tools and experience in incident response. Develop a plan and process to understand and react to extended incidents, or major incidents that exceed the skill level and capacity of internal staff.
- Practice and learn. Even if you have regular “live-fire” incidents, review your plan yearly and do simulations to create a continuous improvement cycle.
- Leverage expert advice and guidance. In addition to advice from a trusted security advisor, you can learn a lot from SANS Institute IR training or by reading resources like NIST’s Computer Security Incident Handling Guide (NIST SP 800-61).
- Talk early, and often, with your executives, company staff, and contractors about your program’s readiness, your plans for improvement and your capacity for response. While discovering a security incident might be unwelcome, it shouldn’t be a surprise.
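Steps 2, 4, 6 and 7 above (know your critical assets, document escalation and authority, have visibility, make detection a core competency) are easier to practice when they exist as something you can run rather than as a document. The following is an added example written for this article, not code from the original post or from any product it mentions: a constructed asset inventory, a constructed escalation table, and a small detector that runs over constructed sshd-style log lines, flags password-guessing bursts, and sets severity and the notification path from the criticality of the host involved. Hostnames, IP addresses, user names, the simplified log format, the threshold of five failures and the escalation roles are all hypothetical; a real deployment would parse the logging pipeline you actually have and use your own inventory and on-call roster.

```python
import re

# Constructed asset inventory (step 2): what is critical, what data it holds,
# who owns it. Hostnames, data classes and owners are hypothetical.
ASSETS = {
    "hr-db-01": {"criticality": "critical", "data": "employee PII", "owner": "HR"},
    "wiki-01": {"criticality": "low", "data": "internal docs", "owner": "IT"},
}

# Constructed escalation structure (step 4): who is notified at each severity.
ESCALATION = {
    "critical": ["on-call IR lead", "CISO", "legal", "DPO"],
    "high": ["on-call IR lead"],
    "low": ["SOC queue"],
}

# Assumed, simplified sshd-style line format (not a real syslog parser):
# "<timestamp> <host> sshd: (Failed|Accepted) password for <user> from <ip>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<ip>\S+)$"
)

# Constructed sample log: a 5-failure burst followed by a success on the critical
# host, a 3-failure burst (below threshold), a 5-failure burst with no success,
# an unrelated cron line the parser cannot read, and a normal daytime login.
SAMPLE_LOG = """\
2024-05-01T02:13:01 hr-db-01 sshd: Failed password for svc_backup from 203.0.113.5
2024-05-01T02:13:02 hr-db-01 sshd: Failed password for svc_backup from 203.0.113.5
2024-05-01T02:13:03 hr-db-01 sshd: Failed password for svc_backup from 203.0.113.5
2024-05-01T02:13:04 hr-db-01 sshd: Failed password for svc_backup from 203.0.113.5
2024-05-01T02:13:05 hr-db-01 sshd: Failed password for svc_backup from 203.0.113.5
2024-05-01T02:13:06 hr-db-01 sshd: Accepted password for svc_backup from 203.0.113.5
2024-05-01T02:13:07 hr-db-01 CRON[4121]: (root) CMD (/usr/local/bin/backup.sh)
2024-05-01T02:14:10 wiki-01 sshd: Failed password for admin from 198.51.100.7
2024-05-01T02:14:11 wiki-01 sshd: Failed password for admin from 198.51.100.7
2024-05-01T02:14:12 wiki-01 sshd: Failed password for admin from 198.51.100.7
2024-05-01T02:15:00 wiki-01 sshd: Failed password for root from 203.0.113.9
2024-05-01T02:15:01 wiki-01 sshd: Failed password for root from 203.0.113.9
2024-05-01T02:15:02 wiki-01 sshd: Failed password for root from 203.0.113.9
2024-05-01T02:15:03 wiki-01 sshd: Failed password for root from 203.0.113.9
2024-05-01T02:15:04 wiki-01 sshd: Failed password for root from 203.0.113.9
2024-05-01T09:02:44 wiki-01 sshd: Accepted password for alice from 10.0.0.23
"""


def parse_events(text):
    """Parse log text into event dicts. Lines that do not match are counted rather
    than silently dropped: a gap in visibility is itself something to report."""
    events, skipped = [], 0
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
        else:
            skipped += 1
    return events, skipped


def detect_bruteforce(events, threshold=5):
    """Group events by (host, source ip); flag pairs with >= threshold failures and
    record whether a login from that source succeeded after the burst."""
    by_source = {}
    for e in events:
        key = (e["host"], e["ip"])
        f = by_source.setdefault(
            key, {"host": e["host"], "ip": e["ip"], "failures": 0, "success_user": None}
        )
        if e["result"] == "Failed":
            f["failures"] += 1
        elif f["failures"] >= threshold and f["success_user"] is None:
            f["success_user"] = e["user"]  # success after a burst: likely compromise
    return [f for f in by_source.values() if f["failures"] >= threshold]


def severity(finding):
    """Severity follows the asset inventory: the same event on a critical host
    outranks it on a low-value one. Hosts missing from the inventory rank as low."""
    crit = ASSETS.get(finding["host"], {}).get("criticality", "low")
    if finding["success_user"] is not None:
        return "critical" if crit == "critical" else "high"
    return "high" if crit == "critical" else "low"


def triage(text, threshold=5):
    """Run detection over log text and attach severity, asset context and the
    escalation path to each finding. Returns (findings, unparsed_line_count)."""
    events, skipped = parse_events(text)
    findings = []
    for f in detect_bruteforce(events, threshold):
        sev = severity(f)
        findings.append(
            {**f, "severity": sev, "notify": ESCALATION[sev], "asset": ASSETS.get(f["host"])}
        )
    return findings, skipped


if __name__ == "__main__":
    results, unparsed = triage(SAMPLE_LOG)
    for r in results:
        print(f"{r['severity'].upper():8} {r['host']} from {r['ip']}: {r['failures']} failures, "
              f"success_user={r['success_user']}, notify={r['notify']}")
    print(f"{unparsed} line(s) did not match the expected format")
```

Two design points worth carrying into a real program: the severity of a finding comes from the inventory, not from the detector, so the same signal on the HR database pages legal and the DPO while on the wiki it lands in the SOC queue; and unparseable lines are surfaced as a count rather than discarded, because a detector that quietly ignores what it cannot read gives you the illusion of visibility that step 6 warns against.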
Final point: don’t wait to be breached. Take a leaf out of Baden-Powell’s book and “Be Prepared … by having thought out beforehand any accident or situation that might occur, so that you know the right thing to do at the right moment, and are willing to do it.”