With phishing, ransomware and account hacking on the rise, many companies have taken steps to further protect themselves and their data-in-motion. Preventive measures will decrease your risks, but what do you do if you are breached? How do you handle the aftermath?
A number of questions arise: “What did we do wrong?”, “How could this have been avoided?”, “What can we do better?”, and, of course, “How do we get back to normal?”.
In the aftermath of a breach, it is crucial to consider not only how to harden the environment from an IT standpoint, but also how to build a maintenance plan. The lessons learned to ensure you’re not breached again are to determine ways to improve detection and response, available skills, and communication. This is also the time to strengthen your cyber insurance and governance.