As part of the ongoing Zarwin Baum Breakfast Series, on September 13, our firm hosted ‘Anatomy of a Cyber Data Breach,’ featuring expert opinions from Zarwin Baum shareholder Ted Schaer, Beth Fitch of Righi Fitch Law Group, Ken Pyle of DFDR Consulting, and John Nahas of Marsh Risk Consulting. First discussing the importance of proactive preparation, the panel of experts dove into the five stages of a cyber breach, and what each stage entails.
With cyber data breaches on the rise, preparation has become increasingly important. Schaer said companies should be familiar with the type of information hackers are seeking out, which includes Personally Identifiable Information (PII) like social security numbers, Protected Health Information (PHI) like medical records and healthcare payments, and credit card information. Even documents that may seem harmless can be a risk – Nahas noted that hackers can find ways to monetize anything. Effective preparation also requires a comprehensive data breach plan that specifically notes how each department should respond, and what the data security laws are in your state.
Successfully prepared companies will have an easier time navigating a cyber-attack, but the process can still get dicey. Here are the 5 stages of a cyber breach and how to handle them:
Stage 1: Suspect a Breach. Whether it’s a system irregularity, a report from an employee or vendor, or a customer complaint, no suspicious activity should be ignored. Fitch stresses that all employees and stakeholders should understand their responsibility in reporting anything unusual.
Stage 2: Confirm the Breach. If the compromised system contains private data, then a breach can be confirmed. At this point, timing is critical. Schaer suggests immediately contacting your legal counsel before making any decisions.
Stage 3: Remediate. Close the hacker’s method of entry and mobilize all teams to perform their assigned cyber breach duties. This includes internal and external teams, the legal team, the forensics team, and the PR team.
Stage 4: Assess the Damage. Determine the scope of the breach by identifying who and what was compromised. Preserve the evidence, including what occurred, when it occurred, and why it occurred.
Stage 5: Mitigate. Notify stakeholders, law enforcement and the public of the data breach your company experienced. Oftentimes, the attempt to cover up a hack is more damaging than the hack itself.
With best practices in place, companies can overcome cyber breaches. It’s important to remember, however, that past data breaches don’t necessarily predict future exposures, because risk is always evolving.
To continue the conversation on cyber data breaches, contact Ted Schaer at firstname.lastname@example.org.