Data breaches are common and are becoming more dangerous every day. Cards Technology founder and CEO Sam Card shares some best practices on how to protect your business from breaches and how to respond when – not if – you have a data breach.
Sam Card: One of the first impacts of a breach is to your business reputation. You owe it to your customers to let them know about the hack; unfortunately, this can mean your customers now view your business as risky and unprofessional. To help mitigate that, you may have to subscribe your clients to an identity monitoring service for a year, which could cost thousands of dollars. Add credit restoration services to the mix and cost becomes another impact.
The main impact, of course, is to your data security. With access to your sensitive information and server, hackers can use your system for illegal activities like crypto mining, where they mine Bitcoin all day – using your computers. Or they may even host an illegal website using your server.
Sam Card: Develop and implement a breach response plan so you and your team know what steps to carry out. Part of this plan includes assigning people to an incident response team, which typically includes an executive team member and staff from IT, legal and public relations.
Sam Card: It’s all about how you deal with the situation. I think as long as you’re truthful and honest throughout the whole process, customers are going to be understanding. It’s important to be prepared and to let customers know what steps are being taken to protect their information. If you’re caught unprepared, you’ll look silly to customers. Many businesses are not having business continuity and disaster recovery (BCDR) conversations with their IT providers, and this is a mistake. Regardless of the size of your business, hackers are targeting you and you need to be prepared.
Sam Card: I don’t think you can ensure that – it’s not if you suffer a breach but when. When you engage with a Managed Service Provider, a certain level of security is put into place based upon how much you are willing to risk and how much you pay to prevent cyberattacks. So, you are protected from the things your system is designed to monitor. Unfortunately, there’s always some new hacking tool or cyberthreat out there that you aren’t protected from. So, it’s possible that you will go through more than one data breach. The best practice is to talk with your cyber security provider to make sure you have the right balance of security and risk for your organization.