Cybersecurity breaches have become more common as society continues its embrace of internet connected technologies and businesses grow their collections of data.
On average, there was one breach involving at least 30,000 records reported every three weeks from 2015 through 2017. While some breaches are remembered for the number of records lost, others may be remembered not only for their size but also for the way the breaches were managed.
Over the past few years we have seen how poorly managed breach responses have hurt consumer confidence, impacted stock values and drawn the attention of elected officials, regulatory bodies, watchdog groups and the media.
Collections of data combined with human nature, poor operational practices, bad luck and motivated attackers support the adage of, “not if, but when” when talking about data breaches. The best situation most businesses and their information security teams can hope for is early detection and a slowing or disruption of an attack that minimizes the impact of the incident.
Some organizations have developed extensive plans that address the technical aspects of computer and network intrusions, but those plans do not always include administrative functions such as communications and public relations.
Incidents are often stressful and developing a coherent communications strategy during a crisis is a challenge that can be avoided. Instead of developing the strategy during the crisis, those resources would be better utilized executing the strategy.
The previous eighteen months have provided examples that demonstrates what happens when a company either lacks a comprehensive communications and public relations strategy or is not able to effectively execute that strategy.
VerSprite's emergency response teams will help your organization identify, contain, eradicate, and respond to security incidents. View VerSprite's Digital Forensics and Incident Response Services →
We use our expertise to implement a practical strategy for incident response preparation and management, intrusion hunting/compromise assessment, and prevention and remediation recommendations.
Developing an incident response plan takes time and effort and while there aren’t many shortcuts for doing the actual work, our presentation, Messaging for a Security Breach, provides examples and guidance for developing or refining the communications portion of your organization’s incident response plan.