Improvements to Make During the Aftermath of a Breach

Aftermath_Breach
In the aftermath of a breach, it is crucial to consider not only how to harden the environment from an IT standpoint, but also how to build a maintenance plan.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Improvements to Make During the Aftermath of a Breach

Aftermath_BreachWith phishing, ransomware and account hacking on the rise, many companies have taken steps to further protect themselves and their data-in-motion. Preventive measures will decrease your risks, but what do you do if you are breached? How do you handle the aftermath?

A number of questions arise: “What did we do wrong?”, “How could this have been avoided?”, “What can we do better?”, and, of course, “How do we get back to normal?”.

In the aftermath of a breach, it is crucial to consider not only how to harden the environment from an IT standpoint, but also how to build a maintenance plan. The lessons learned to ensure you’re not breached again are to determine ways to improve detection and response, available skills, and communication. This is also the time to strengthen your cyber insurance and governance. 

How Do You Improve in These Areas?

  • Regarding detection and response, such as implementation of a managed detection and response service, you need to assess what you had in place and identify what is missing in order to further protect your environment.

  • Identify what available skills your team has that can be further utilized. Increase staff training and security awareness programs throughout the company to ensure all end users understand security protocols and best practices.

  • If communication breakdowns occurred, make sure an improved incident response plan is built including access to the right level of security and forensics skills. Consider an incident response retainer.

  • If cyber insurance is incomplete, focus on a policy with the right levels of protection as well as connectivity with the incident response plan to ensure timely notification in order to receive compensation.

  • In the area of governance, learn from the breakdowns and rebuild confidence by gaining buy-in with leadership on the importance of not only a plan, but a regular testing strategy. 

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »

9 Tips To Decrease Your Security Risk

When you make changes within your organization, remember that you’ll need to make changes to your cyber security program too. Review these tips to be sure you’re doing all you can to decrease your risk.

Read More »

Security is a Team Sport

When IT professionals are faced with safeguarding their business’ digital infrastructure they are flooded with options leaving most people overwhelmed and in more of a quandary of when then started. So how is one to choose?

Read More »
MDR_Technium

The Intricacies of MDR

MDR sounds simple; it is only three letters, so how complicated can it be? The answer to this may surprise you. Managed Detection and Response (MDR) is more than just overseeing what’s happening in your environment.

Read More »

Penetration Testing 101

Penetration testing (or pen testing) is a process by which software is utilized to probe a network and its elements for security risks. The job of security is always to focus on reducing the attack surface. Pen testing is what allows you to do this.

Read More »