- Bank Web sites full of security holes
- SCO Group: Its future is all used up
- Maligned feature being added to IPv6
- I returned my iPhone 3G after six days!
- VPNs: Six burning questions
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Second in a series of stories on key security issues being discussed at The Security Standard event on Sept. 10-11 in Chicago.
Believe it or not, a data breach isn’t the worst thing that could happen to your organization. Reacting poorly to the incident could be, however.
Experts agree every organization that stores personal or financial information about customers, partners or employees, or that has intellectual property in electronic form should be considered a target — that’s arguably just about every organization doing business. Instead of assuming data breaches happen only to large financial services companies or retailers, companies large and small in every industry should be prepared to react to help minimize damage and quickly restore customer confidence, they say.
“It makes all the difference in the world” if a company is prepared to respond to a data breach or other type of cyberintrusion, says Tom Bowers, managing director of Security Constructs, a security services firm based in Philadelphia.
Here is a list of what companies should do and what they should avoid doing in the case of a data breach, besides putting a computer-emergency response team in place to react to such incidents (see “How to create a computer-emergency response team”).. The list is compiled from interviews with consultants and security experts who have had to deal with these incidents or who have been called in to help companies immediately following an attack:
This seems obvious, but in the stress and confusion of the moment, the importance of knowing exactly what happened can get lost. Once evidence of a potential data breach has been uncovered (customers complaining of fraud alerts on their credit cards, server logs showing unauthorized access to sensitive data, and so forth) security professionals should work with the IT team to determine whether a breach happened and how it happened, and to fix the weakness if possible.
“You need immediate containment; that’s where the network and system folks jump in, and you need to let that team do its job,” says Ed Zeitler, executive director of the International Information Systems Security Certification Consortium (ISC2) and former CISO of Charles Schwab.
If the IT manager is knowledgeable regarding Cisco technology, he would have 2 options. Option 1 - Consult...- Anonymous
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment