Theft of Data (Data Breach)
Data Breach Incidents Can Cause Substantial Exposure, and an Immediate and Effective Response is Required. If Your Company’s Data Security Protocols Have Been Compromised, You Must Begin Making Informed Decisions Immediately In Order to Prevent Unnecessary Losses.
If your company has experienced a data breach, or if you don’t know whether your company has experienced a data breach, your response needs to be swift and decisive. While a significant amount of damage may have already been done, your company’s situation could get far worse if it does not respond to the breach appropriately. From uncovering the source of the intrusion to seeking immediate relief in the courts, there are many critical steps that may need to be taken right away.
While corporate data breaches have become far more common in recent years, this does not serve as an excuse for companies that experience intrusions. If anything, the prevalence of data breaches in recent years has heightened scrutiny of companies that do not do enough to protect their employees’, customers’, and vendors’ data. When breaches occur, companies will typically have legal obligations at the federal and state levels (and potentially the international level as well). Failure to comply with all applicable breach notification and other laws can increase companies’ liability exposure, and failure to remediate intrusion threats can lead to enhanced exposure in the event of a recurrence.
Of course, companies have their own data to worry about as well. If hackers have gained access to your company’s systems and stolen your company’s confidential and proprietary data, this too is a crisis event that requires an immediate response. At Oberheiden Risk Consultants, we have extensive experience advising companies in the aftermath of data breaches and information theft, and we can work quickly to help your company recover.
The 5 Key Components of Effective Data Breach Response
Responding to a data breach incident requires a multifaceted response focused on legal compliance and risk mitigation. With this in mind, we break down our data breach response protocol into five key components:
1. Identifying the Source of the Intrusion
First, and in many respects most importantly, it is necessary to identify the source of the intrusion as soon as possible. Until you know what vulnerability the intruders exploited and how they exploited it, you simply have no way of ensuring that any of your company’s data are secure.
When looking for the source of an intrusion, it is necessary to consider all potential contributing factors. This includes factors that are both internal and external to your company’s information technology (IT) infrastructure. Did hackers independently find a way to breach your company’s (or one of its vendors’) logical data security measures? Or, did an employee either intentionally or inadvertently supply information that offered a way in?
Our team of crisis management consultants includes several former high-ranking federal investigative agents who have extensive experience handling large-scale data breaches. We rely on the knowledge gained from this experience and industry-leading technological capabilities to quickly and definitively identify the source of our clients’ intrusions. When you do not have time to waste, you can rely on Oberheiden Risk Consultants to make sure you have access to the information you need as soon as possible.
2. Assessing Ongoing Vulnerabilities
In addition to identifying the source of the intrusion, it is also imperative to assess any other ongoing vulnerabilities. Although this is not always the case, a company with one shortcoming in its data security infrastructure will often have others as well. In order to ensure that your company is not unduly exposed to the risk of similar crisis events in the future, you must be confident that there are zero outstanding vulnerabilities that can be exploited.
For this reason, when seeking to identify the source of an intrusion, it is important not to stop looking once the source has been identified. Identifying the source should trigger the subsequent steps in the process, but the examination of your company’s IT infrastructure and security measures should continue unless and until all possible vulnerabilities have been assessed. At Oberheiden Risk Consultants, we have the team and capabilities required to assist our clients with breach notification and other subsequent steps while continuing to scrutinize and stress test our clients’ data security systems.
3. Complying with Breach Notification Laws
Data breach notification compliance presents a significant undertaking even in the event of a relatively “minor” security failure. When hundreds of thousands or millions of consumers are affected, the burden of compliance can be extraordinary. At Oberheiden Risk Consultants, we manage the data breach notification process for our clients, including the Federal Trade Commission’s (FTC) recommended steps of:
- Assembling a team of experts that includes independent forensic investigators and legal counsel with privacy and data security expertise;
- Securing physical areas potentially related to the breach, including taking steps such as changing locks and access codes as necessary;
- Preventing additional data loss through all available means, including taking affected equipment offline if necessary;
- Removing any information that has been improperly posted online, including on your company’s website and any third-party websites;
- Interviewing the personnel who discovered the breach and anyone else who may potentially have information that is useful to assessing the source of the intrusion and the company’s ongoing cybersecurity risk;
- Fixing all vulnerabilities, including internal and external ones, and working with the company’s forensic experts to identify and preserve all relevant data and evidence; and,
- Notifying law enforcement, affected businesses, affected consumers, and the credit bureaus (if necessary), all as required by law.
When issuing data breach notifications, messaging is extremely important, and companies must have a cohesive communications strategy that addresses all pertinent legal, public relations (PR), and practical considerations. Our consultants can work with your company and its communications team to craft compliant data breach notifications that send the right message, and we can assist with matters such as establishing data breach call centers, offering credit monitoring and identity theft monitoring services, and responding to negative publicity as well.
4. Remediation and Restoration
In tandem with their breach notification compliance efforts, companies must also undertake adequate measures to remediate the breach and restore their databases’ security. We offer comprehensive services in this area as well, from assisting with IT vendor due diligence and contract negotiations to implementing new data security protocols on a company-wide scale. Our consultants can provide thorough recommendations for your company’s remediation and restoration efforts, and we can manage the entire process while you restore your focus on managing your company’s customer relationships and day-to-day operations.
5. Auditing, Stress Testing, and Monitoring to Prevent Future Intrusions
Once appropriate breach notification, remediation, and restoration efforts have been completed, companies must continue to assess their data security risks in real time. New risks will continue to arise, and this means that preventing theft of company data needs to be a proactive and ongoing process.
In addition to handling the crisis management aspects of data breaches, we also assist our clients with ongoing data breach prevention. This includes conducting audits, stress testing, and monitoring our clients’ data security programs in order to ensure that our clients are equipped to prevent intrusions to the fullest extent of their capabilities. As with all of our consulting services, we tailor these ongoing data protection services to each client’s business, industry, and needs, and we maintain close contact with our clients’ data security personnel to ensure that they have the insights and resources they need in order to do their jobs effectively.
Litigation Risk and Loss Assessments Following Data Security Breaches
When data breaches occur, the costs can be substantial. This includes intangible costs such as loss of goodwill, direct financial costs such as loss of customers, and judgment liability due to ensuing litigation. For many companies, managing – and mitigating – these costs effectively can be absolutely essential.
As a full-service risk management consulting firm, we assist our clients in these areas as well. We can help you understand the direct and indirect financial impacts of a data security breach, and we can assess your company’s risk of liability in breach-related litigation. As with all matters, we take an efficient and cost-conscious approach, and our former federal agents offer extensive insights backed by decades of experience in investigations, compliance, and risk management.
Has Your Company Experienced a Data Breach or Possible Intrusion? You Need to Act Right Away
When faced with the possibility of a substantial data breach or theft of your company’s proprietary information, an immediate response is required. There is no time to waste, and any unnecessary delays can increase your company’s potential liability exposure – perhaps significantly. You need to make smart decisions based on accurate information, and you need to execute a strategy founded upon deep expertise. At Oberheiden Risk Consultants, we know data security, and we know what it takes for companies to meet their obligations, exceed their customers’ expectations, and protect their bottom lines.
Discuss Your Company’s Needs with a Member of Our Corporate Crisis Management Team
For more information about our firm’s data breach response and notification services, please contact us to arrange a complimentary initial consultation. Members of our corporate crisis management team are available 24/7. Call 214-692-2171 to speak with one of our former federal agents in confidence, or tell us how we can help online now.