7 Questions You Need to Be Able to Answer After a Cybersecurity Event

In the past 2 weeks, there have been three (more) high-profile cybersecurity breaches disclosed, impacting three very different organizations – and hundreds of millions of individuals worldwide. Marriott reported hackers have had access to the reservation systems of many of its hotel chains for the past four years, a breach that exposed private details of up to 500 million customers; Quora, the crowdsourced question and answer site, reported the potential exposure of 100 million users due to a third party gaining access to its systems; and the National Republican Congressional Committee has found a hack that has compromised emails from senior aides.

All of these organizations are savvy enough to know they are a probable target for some kind of cybercrime. And it is safe to say all three have likely taken some precautions to mitigate the risk of such an attack. Yet here we are.

What has become more evident is that cybercrime will affect most businesses and needs to be a top consideration for anyone in business today. It could be a ransomware, password or botnet attack or it could be something entirely new. Technology is changing at a rapid pace, and cybercriminals are too sophisticated and creative for any organization to reasonably keep up with every possible vulnerability.

So IF and WHEN an attack affects your organization, your ability to answer and action these important questions could have a significant impact on your business: What steps did you take to protect your sensitive information? Your customer and financial data? How are you positioned to triage and respond? And if you are an industry that is regulated, the questions get more detailed and consequences more severe.

Your Checklist:

Having helped organizations stabilize and strengthen their security posture for over 15 years, DataEndure has put together the top 7 questions you want to be certain you can address in the event of a security incident.

1. Was any data compromised (and if so, what data?)
2. Is the breach still occurring?
3. Who was responsible? (internal or external, malicious or accidental?)
4. Was your sensitive information encrypted?
5. Do you have a response plan and are you able to execute it?
6. What are your legal requirements for data protection and have you satisfied them?
7. What are your specific legal/regulatory requirements in regards to notifications to the market and affected constituents. Does your response plan include this element, and take into account the costs associated with it?

If you don’t know or can’t answer one or more of these questions, seek an expert who can help you prioritize and implement the appropriate measures to protect your business.

Cybercriminals are banking on your being too busy or distracted to make this a priority. Taking meaningful action in these key areas will put you in a position to act quickly and effectively in the event of an incident, and help you minimize the impact of any security event that might affect you.