1) Prepare for war
As motives have changed, levels of determination have increased – these are more than one-off threats and require a different mindset. Ring-fence priority areas but prepare for a worst-case scenario.
2) Prioritise
This new breed of hackers has time to burn and will persist until every potential vulnerability has been exposed. To combat this, defend ‘crown jewel assets’ first but stay alert – areas perceived as low risk often provide an easier route in for patient attackers.
3) Brace for impact
Discover if you are a target and assess your capacity to ‘catch’ threats.
4) Strategy
Thoroughly review your current defence strategy, mechanisms and risk landscape. Assessing your vulnerability and existing security capabilities can highlight weaknesses in processes, systems and controls.
5) Learn from your mistakes
Organisations that are successful at avoiding security breaches are often highly focused on managing data security and learn lessons from their own, and others’, experiences.
6) Watch and learn
A rushed reaction can give the perpetrator more information about the organisation and its defences. Watch and learn rather than giving away vital information with an immediate response.
7) Don’t go it alone
Include all stakeholders and regulators in the security process and work together to evade and prepare for attacks. Create a cross-organisational incident management plan involving HR, Risk and PR. Take the data loss issue to the very top of the business so that executive level support is secured.
8) Caution
Educate users to avoid sharing confidential information on social networking pages and to be wary of unknown links or contacts.
9) Plug the mobile leak
The rise of sophisticated personal mobile devices in the workplace can create a potential security ‘gap’. Educate users and embed effective security software and management to protect against leaks from within (through employees themselves) and from without.
10) Accept the consequences
In the event of a breach, notify all customers, regulators and stakeholders early and detail the action being taken. Ensure that investigation and crisis management capabilities are comprehensive and fast to protect reputation, as well as data.