Secure file sharing solutions are designed to prevent data breaches and lesson the impact of lost or stolen hardware. However, criminals are persistent and accidents happen, so even companies with the best systems in place need to be prepared to respond if something does happen. In fact, no information security solution is complete without a well-oiled incident response plan.
Companies lack response plans
Despite the importance of an incident response plan, a significant percentage of businesses are falling behind, leaving them more vulnerable to the high costs that can accompany a data breach. Reporting on Arbor Network's "Cyber Incident Response: Are business leaders ready?" report, Security Magazine explained that 1 out of 3 businesses lack an incident response plan. This means that although 77 percent of companies said they had experienced a breach, only 67 percent are prepared to react effectively and efficiently should one occur. Responding to security breaches in a timely matter is crucial, whether they're caused by hackers accessing the network or employees losing devices containing corporate information.
"It's quite common for us to come across companies that have no or inadequate incident response plans," BH Consulting Founder and Analyst Brian Honan told the news source. "It's a big challenge getting big organizations to invest in incident response - and it's challenging for CISOs. They've got to get the companies to spend on the security to protect the business, and they also need money in case the investments don't work. It can be a hard sell."
However, it's well worth investing both in secure file sharing solutions and in developing well-laid response protocols, since these measures can help businesses avoid the at-times astronomical costs of a data breach. While not all incidents carry the multimillion-dollar price tag that Target's breach has amounted to, the expenses can add up quickly as companies deal with legal repercussions, offer credit support to affected individuals, recover from data losses and work to smooth ruffled relationships with customers.
Responding to a breach
Once a breach has been detected, companies need to move swiftly but carefully to identify the nature and scope of the incident as well as work to contain and mitigate its effects. According to Mondaq, data response plans should include the following elements:
- Confirm whether a breach has occurred, drawing in the appropriate technical experts
- Evaluate its nature and scope, especially with regard to sensitive and regulated information
- Identify legal obligations, such as contractual agreements to notify clients and regulatory requirements for contacting authorities and impacted parties
- Involve senior management in decision making, especially with regard to legal issues
- Notify the necessary parties with clear, prompt information
- Remediate and mitigate, working to contain the breach and offer protective services to people whose information was exposed
- Work with government investigators, providing them with the necessary information and documentation
These elements should be part of a response plan that companies create based on their unique network systems and data management solutions. They should also work with managed service providers, such as managed file transfer, to know what to expect from them should something happen to their system.