Though 2018 is not yet half over, the US had already seen more than 250 data breaches through to March 27th, with more than 5.4 million records exposed. Compared to the same period last year, which saw 392 data breaches, this is a decline of 36%, according to the Identity Theft Resource Center as reported by 247wallst.com. Whilst this is certainly an improvement, businesses and organisations should by no means get complacent: cyber criminals often seek out the easiest targets, and a decline in one figure may simply mean that a different attack method or approach is being used instead.
In terms of industries targeted so far this year, the business sector has been compromised the most, with 107 incidents exposing 3.4 million records. The second most targeted industry is the medical/health care sector, with 67 data breaches exposing 780,000 records. Even though the business sector has been targeted more often, medical/health data is considered more valuable to cyber criminals on the black market, as there are many more lucrative ways to use it fraudulently.
Incident Response Plan
Even though reported data breaches in the US are down, businesses should prepare for the worst-case scenario and have a plan. One of the most important steps a business should consider is creating, maintaining and distributing a detailed Incident Response (IR) plan. This is a formal document, which should contain the following important information:
- Definition of the parties within an organisation who are responsible for security and the maintenance of the IR plan
- Breakdown of potential breach scenarios that are relevant to the business
- Description of the specific actions that need to be taken in the event of a potential breach. This should include clear definition of responsibilities for those taking specific actions
- Complete list of parties who need to be contacted and importantly, how they can be contacted. This should include information related to whether out-of-hours cover exists and if not, what actions should be taken in the event of a security incident occurring at these times
- Definition of any third parties who may be relied upon, contacted or otherwise involved following a breach, for example managed service providers of network/security systems
Care should be taken throughout the creation of the IR plan to make sure that the material contained within it is relevant and specific to the business(es) it will be supporting. In many cases a poorly thought-out IR plan can be more of a hindrance than a help, especially at a time when clear thinking and the speed of response to a breach can be critical. Here at Sysnet we have developed an Incident Response Plan that can be shared; download it here.
Many businesses find security and compliance complicated. Sysnet's Proactive Data Security service provides support and tools that guide smaller businesses through cyber security and compliance. Our white-labelled services not only reduce risk but also provide a healthy alternative to non-compliance fee revenue for your organisation. To learn more about Proactive Data Security, click on the request a call back form below.
If you are a merchant who requires technical or PCI DSS help, please click here.