If you're in cyber security, you already know that there are a lot of guides advising both individuals and companies on what they should do after a data breach. However, there are not that many guides centered around what not to do after a data breach. Treat this guide as a walkthrough in the right direction.
Picture this scene: you're a security engineer working at a well-known company and you just had a meeting with your team. In the meeting, the head of the security team presented you with news that nobody likes to hear: last week, the systems powering the software sold by the company were breached. A data breach is always bad news, no matter the reason behind it. The good news is that the data breach has already been confirmed, so alongside knowing what to do after it has occurred, you should also keep in mind what not to do after it has been confirmed.
First, stay calm and collect yourself. Report the data breach to the appropriate body without undue delay (check the laws of the jurisdiction you're in; in many countries the deadline is 72 hours after a company becomes aware of it), then follow the steps outlined below:
Stay calm and walk your team through the steps outlined below: the sooner they are completed, the better. Search for yourself and your teammates in data breach search engines like the one provided by BreachDirectory, and advise your security team to implement the BreachDirectory API into the infrastructure of the application the company provides. The API will let your company make sure that it does not fall victim to data breaches in the future by letting your team scan through lists of data breaches, so that your team, clients, and everyone involved become aware of possible identity theft as soon as possible.
We hope that this article has provided you with some valuable information – completing the steps mentioned in this article will help ensure your team is on the right path whatever happens. Make sure to read up on our blog for further information in the security space, follow us on LinkedIn and Twitter for future updates, and we will see you in the next one.