Post Breach Denial Increases an Organization’s Legal Exposure
How can you reduce an organization’s legal exposure immediately following a data breach?
Cybersecurity events like data breaches make headlines regularly and cost businesses millions in fines and lawsuits. Breach announcements topple executives, destroy shareholder confidence, push customers away, invite regulatory scrutiny, and inflict lasting damage to organizations. Right after a cybersecurity incident, everyone is in reactive mode trying to respond quickly and effectively. While most organizations have a plan for incident response, few consider how their actions during a response affect their legal exposure.
When an organization first has reason to believe that it was breached, many react with denial. They say, “That’s impossible. There’s no way that our data could have been stolen. There’s no way that attack vector could ever work on our organization.”
Responding to an Attack Fast is Key
Every major cybersecurity event occurs in a way that your Information Security team has not predicted. If InfoSec had thought that it could happen that way, they would have blocked the vulnerability and it wouldn’t have happened. It is always the case that the impossible has seemingly occurred in light of a major security event.
The reason why it’s important not to go into denial is that every day that you are in denial about an event, the event continues for another day and more data leaks out. Achieving fast containment of an event is crucial to minimize the legal exposure that’s inevitably going to follow. If you act quickly, what could have resulted in a million-record event may turn out to only be a hundred thousand-record event because you reacted quickly.
Follow your Incident Response Plan, and once you are out of the thick of the incident, you can rework your next IRP to include this new type of incursion.If you need some help assessing the new needs your organization has after a breach, talk to Idenhaus about how your organization can plan for and avoid future cyber attacks.