In-depth

What to do in case of a data breach

How to batten down the hatches after a data breach - is it possible to prevent further damage to your firm's reputation?

In this fast-changing world of technology, data breaches are the headline grabbing equivalent of glamour girl and new singleton Katie Price.

But while Jordan might be a permanent fixture in the red tops - whether for falling out of a taxi, or a dress - she may not be aware that she is fighting for attention against some much less glamourous competition. In this case the loss of personal data, whether through negligence of criminal activity.

Large enterprises, institutions, and organisations rarely lurch around in high heels at the back of nightclubs, but they do suffer their own kinds of public disgrace. In fact, when it comes to creating red-faces, data breaches are the equivalent of home alone teenagers hosting Facebook parties: damaging, embarrassing, and with far-reaching knock on effects.

As an out-of-control party may only incur the wrath of neighbours and make holidaying mums and dads think twice about leaving teenagers home alone for a fortnight, so too can a data breach can also leave a firm wide open to shame, criticism, public scrutiny, and reputation damage.

This is the equivalent of discovering that your lazy stupid teenage son has destroyed your house and then being dragged on to the Jeremy Kyle show to discuss why it's all your fault.

Bad reputation

Firms that are exposed for their data management weaknesses will find their reputation damaged and will face anger and confusion amongst their customer employees and partners.

A study by the independent research organisation the Ponemon Institute found that almost two-thirds of all consumers had been victims or a data breach, while roughly the same amount had both modified and scaled-back on their online activities following such an incident.

How a firm reacts in the public eye is as important as the activities that it undertakes behind closed-doors. It is simply not enough to hold your hands up to the issue; firms have to explain what happened, what it means, and what affected parties should do about it.

The issue that losses are often not discovered until they have caused a problem underlines the fact that all firms should be prepared for what is becoming a very common threat.

Of course, organisations should do all that they can to mitigate the internal threat, and in a budget-constrained environment staff training is the most obvious place to start this.

Jay Heiser of the analyst firm Gartner said that firms should be prepared for data losses and should couple well-trained staff with sophisticated security and data control systems. "In short, staff does need to be better prepared to not take actions that will lead to potential data leaks," he said.

"The longer answer is that while most organizations have not yet reached the optimum levels of employee awareness, willingness, and ability, there is a limit to what is humanly possible," he added. "The most effective levels of control require a combination of human attention and security automation."

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems
ethical hacking

Defense Dept. expands vulnerability disclosure program to all publicly accessible defense systems

5 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
Best free malware removal tools 2021
Security

Best free malware removal tools 2021

5 May 2021
Acuant acquires identity verification provider Hello Soda
mergers and acquisitions

Acuant acquires identity verification provider Hello Soda

4 May 2021

Most Popular

Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021