Got Hacked? Here Are 5 Ways to Handle Data Breaches
All it takes for hackers and threat actors to infiltrate your organisation’s system is one vulnerability – a weak password, exposed sensitive information, and the like. Taking a proactive stance in safeguarding your company’s data is crucial in preventing your accounts and data from being compromised.
But while prevention is always better than cure, the reduction of risks does not necessarily translate to zero breach. Take, for example, huge organisations such as multinational insurance firm AXA or leading cosmetics group Pierre Fabre who were not spared from costly ransomware attacks. Hence, proper mitigation in the event of a breach should also be included in the company playbook. Experts advise that how organisations handle data breaches can be just as critical as protecting against one.
Handle data breaches at the soonest possible time
Before delving into the various ways your team should handle data breaches, it is important to note that response time is of the essence. Responding slowly may worsen the situation, potentially leading to loss of stakeholder trust or even higher financial penalties. Hence, as soon as you discover that a breach has occurred in your company, act on the situation immediately.
1. Notify the authorities and affected parties
In Singapore, the Personal Data Protection Commission (PDPC) is the proper authority to receive data breach reports. This step is especially mandatory if the breach is a notifiable data breach under the Personal Data Protection Act (PDPA). Notifying the agency right away demonstrates accountability on your part. Additionally, the PDPC will be able to assess important factors such as the severity of the breach, action steps to be taken, and financial penalties incurred by your organisation as a result of the violation.
Affected parties must also be informed right away: customers, personnel, and other stakeholders such as the rest of the management team. Your customers must be given transparency on how their compromised data will be handled moving forward. This allows for trust to be strengthened between your organisation and your stakeholders.
2. Cooperate with the authorities
Do you know that how you cooperate can contribute to the decision of the investigating officer regarding your case? Several organisations in Singapore found to have been less cooperative (i.e., slow response time, lying about the severity of the case, etc.) were given higher financial penalties. Your transparency and cooperation demonstrate not only your sincerity to mitigate the incident, but also your willingness to accept full responsibility of what happened.
3. Contain the breach
You don’t want to see your defenses crumble further. To prevent more attacks, you must contain the breach by fixing vulnerabilities both virtual and physical (if relevant). For software or system-related issues, your company must review your own website and other related websites to check if compromising data is retained. If it is, make sure to have it removed right away. As for physical areas, securing them include changing access codes or removing any equipment that has been potentially affected.
When mitigating the organisation’s vulnerabilities, it is vital to work with experts to ensure proper network segmentation, understand the scope of whom is affected, and follow their recommendations to handle data breaches.
4. Talk to the right people
This fourth step on how to handle data breaches pertains to the process of conducting an internal investigation. Companies must take care to talk to the people who found out about the breach and ensure that the personnel understand how and where they can provide the necessary information that may help with the ongoing investigation.
5. Formulate an action plan
It’s not enough that the affected parties are informed of the incident. Your organisation must then formulate an action plan on how you are moving forward from it. How will you manage the compromised data? What will this mean for the stakeholders? What added security measures have you put in place to ensure the incident does not happen again? These are some of the questions that should be included in the action plan that you will then share to the affected parties and individuals, such as the company staff, partners, investors, etc.
In conclusion, how you handle data breaches reflects your organisation’s core values related to the management of personal data and privacy. It is to your advantage to act fast as you cover the 5-pronged approach towards breach mitigation.