The days of storing client information and important business documents in filing cabinets and cardboard boxes are nearing their end. As businesses navigate the digital age, cybersecurity has become a crucial fixture in company plans. Not every business has the financial resources to obtain top-shelf defenses against cyberattacks, and even those businesses that can afford such protection have had their data breached.
In the event of the data breach, businesses should follow the Federal Trade Commission’s three-phase process to protect their clients and minimize damage.
Phase 1: Lock the situation down
Fast action can save the problem from getting worse. As soon as you suspect a breach, employ a team of professionals to diagnose and cut off external access to your system. In addition to cybersecurity professionals, gather a team of professionals that can inform the following phases, including:
- Human resources
- Legal professionals
- Data forensic investigators
- Executive management
- Public relations and communication experts
To stop the cyber attack from spreading, take any affected equipment offline and off your business network as quickly as possible. However, keep the affected equipment powered up until your team can access it to avoid losing evidence.
Change passwords and credentials, and restrict physical access to areas associated with the breach.
Determine what information was accessed and remove all information that was posted publicly.
Phase 2: Patch the gaps
Find the vulnerabilities in your system and work with your breach response team to resolve them immediately. Contact your service providers to ensure that any vulnerabilities on their end have been fixed.
Double-check that the measures you took to stop the initial breach were effective. Have your information technology and security professionals review associated servers to make sure that the attack did not jump from the first access point.
Follow any guidance provided by forensics experts and your information technology team to restrict unnecessary access and preserve your existing data.
Phase 3: Start communicating
Together with your public relations and legal team, put together a plan to let people know about the breach. Any parties involved with the breach, whether individuals or other businesses, have a right to know that a breach occurred. Provide them with the following information:
- How the breach happened
- What information the attackers accessed
- How the attackers used or may use the information
- How you are addressing the breach
- How to reach you if they need more information
- How you plan to contact them about the breach in the future
- How they can protect themselves and what you are doing to protect them now
Contact law enforcement as soon as the situation allows. If your local police department cannot handle internet security crimes, they may refer you to the FBI or Secret Service. If mail theft occurred, call the Postal Inspection Service immediately.
Law enforcement may restrict what information you can give to affected individuals in order to preserve the integrity of the investigation. Follow all guidelines provided by law enforcement.
Take data breaches seriously and be proactive
The best defense against an internet security breach consists of preventative measures. Stay educated about developments in cybersecurity, and make sure that your business complies with evolving data security requirements.
If a breach does occur, use any and all resources at your disposal, including individualized advice provided by the FTC, to address the situation quickly and correctly.