Cybercriminals are ruthless. Hackers are constantly developing malware, searching for vulnerabilities and finding ways to steal corporate data from enterprises and small businesses alike. From intellectual property and trade secrets to Social Security numbers and passwords, they will not stop until they have the information that they work so hard to extract from databases and servers.
All of those activities take place before organizations have any idea that attacks are being planned against them. Perhaps this is why there have been so many data breaches lately. Regardless of the frequency of intrusions, how are enterprises dealing with the threat and aftermath of intrusions and data theft? The answer to this question can take many forms.
Data breach strategies
Before diving into the financial impact of data breaches, it is important to put incident response policies and procedures under the microscope. InformationWeek contributor Kelly Jackson Higgins cited a recent Ponemon Institute study on incident response plans, which found some positive and negative information. For example, almost three-fourths of U.S. Fortune 500 businesses recently prepared for cyberattacks by creating plans and teams ready to handle an intrusion. However, only one-third of those companies considered those strategies to be effective if they experienced a data breach.
The problem seems to be that very few business leaders have any idea of how to mitigate the damage, bad press and loss of trust that they can expect after losing customers' personal information. Their incident response plans are often focused on security and not on protecting the company's reputation. Higgins wrote that 68 percent of C-level staff and executives do not know how to deal with negative publicity and 67 percent are unaware of how to earn back customers' and clients' trust and confidence.
"They are more prepared, but not practiced, in data breach response," Michael Bruemmer, vice president of data breach resolution at Experian, told the source. "Despite increased awareness, the business leaders who responded [to the survey] are not necessarily confident in their company's response."
If more organizations focused on how to adequately deal with the aftermath of data threats, then the impact could possibly be less severe. Bruemmer added that preparing for a data breach involves creating a team instead of an exercise, suggesting that there needs to be a dedicated effort to rebuild brand reputation after the fact. It is hard to determine exactly what the data leak will include, so some plans need to be formed immediately after the intrusion is discovered.
Purchasing cyber insurance
Creating a strategy is one aspect of dealing with a data breach, and some businesses are implementing cyber insurance as another. This is just one method of dealing with the huge impact of intrusions on a business's revenue. Lockton, a cyber insurance broker, recently created a report detailing the usefulness of insurance. The report noted that Target's profits fell by 40 percent following the company's data breach. Additionally, the retailer spent $61 million on legal fees, forensics, public relations, crisis management and a new breach notification system. Insurance covered $44 million of that. However, the report cited a Gartner analyst's estimate that, including lawsuits, investigations, the formation of a response team, fines, security upgrades and loss of revenue, Target will have spent between $450 million and $500 million handling the intrusion.
Implementing prevention plans
The problem is that many businesses are relying on static defense models such as antivirus and intrusion detection, but that is not enough to prevent large systematic data breaches. In some cases, breaches are simply caused by a lack of email encryption or cloud security.
Email is one area that needs far more protection, especially with Gmail and cloud-based Outlook instances. These systems do not have adequate and easy-to-use email encryption. Ivy Schmerken, another InformationWeek contributor, reported on Sandton Capital, a large private equity firm, which was seeking cloud security and email encryption tools. The business looked into Google offerings only to find that the process was less than seamless, as the task of encrypting and decrypting was far too difficult and unintuitive.
Even though Sandton Capital's executives wanted to be protected from hackers, they also needed to prove to clients and other outside parties that they were making attempts to protect emails containing legal documents. The answer for this private equity firm is to find a provider that can grant both easy-to-use email encryption tools and a secure cloud service that can host all of its applications and data.
A third-party email encryption and cloud security service can help businesses across industries mitigate the chances of a data breach, and with the simple tools that such providers offer, employees are unlikely ever to forget to encrypt an important legal, financial or health document. Not only will organizations have peace of mind, but they will also be able to lighten the heavy load on their IT departments' shoulders, allowing them to focus on keeping the business running.