Data breaches have dominated the headlines for the past few years. In 2014, some went as far as coining the term the “Year of the Breach.” But 2015 was no different with 781 data breach in the United States alone, accordingly to a report by the Identity Theft Resource Center.
When a data breach occurs, businesses need to act swiftly and efficiently to stop the breach, identify the holes, and communicate with authorities, employees, customers and stakeholders. But how?
In our latest episode of CSID’s podcast, Firewall Chats, we sat down with Corey Ealons, senior vice president with VOX Global, and Sterling Miller, senior counsel at Hilgers Graben, to grab a sneak peak of their upcoming SXSW session, “You’ve Been Breached. Now What?” Together, they plan to show SXSW attendees (and Firewall Chats listeners) the advantages of a thorough data breach response plan.
“Most companies have a good grasp on what they’re dealing with [during a crisis] from a technical side,” Ealons said. “But they haven’t really given a lot of thought to the legal or the communication side.” Ealons has nearly 20 years of experience as a strategic communicator, and assists clients with comprehensive strategies, including educating employees, vendors, and stakeholders on the best ways to protect digital networks.
Miller complements Ealons’ experience, with more than 20 years of in-house practice, and expertise around complex litigation, data privacy, and internal investigations.
“You need to look at [a data breach] in terms of hours, versus days and weeks,” Miller said. “The most critical decisions you are going to make happen right in the immediate aftermath of the breach.”
“Generally, the reason it’s chaos is because most companies don’t have a communication response plan, or even a legal response plan, on the shelf,” Ealons explained. “They’re literally building the bike and riding it at the same time.”
Businesses large and small need to be braced for such an event.
“We know that hackers are really focused on small data sets,” Ealons said. “We’re hearing, now, small businesses are now targets. Even though it’s a smaller cache of data, it’s data [hackers] can more easily access because the security in those facilities are generally not up to what they should be.”
Both agree that proactive planning can help with stress, allowing businesses to recover their operations quickly and help preserve their company’s reputation.
“Have a plan in place to deal with a breach, before the breach occurs,” Miller said. “You need to practice it and keep it updated. Use encryption as much as possible. … And train your employees about good data protection practices.”
At SXSW this Saturday, March 12, Ealons and Miller will discuss how businesses should navigate a breach in their session, “You’ve Been Hacked. Now What?” Attendees will learn valuable best practices for cyber-attack responses and engage with a live crisis simulation.
Listen to our latest episode where we get a sneak peak of their SXSW session at www.CSID.com/FirewallChats, and be sure to catch their session this Saturday.
Save the Date: Our next episode, “Death, Fraud and Taxes,” will air on Tuesday, March 29.