Suffering a data breach has almost become a rite of passage for many organisations. With such a complex and dynamic array of threats across the digital landscape, it has become nearly impossible to prevent 100 per cent of security incidents and data breaches from occurring. 

For those organisations who have suffered a data breach, the first question is normally: how did this happen? Finding the answer to that question helps to answer an even more important one: how do we prevent this from happening again? 

Unfortunately, the sheer variety of security threats means that protection from one doesn’t necessarily mean protection from another. There are some steps, however, that can help you emerge from a security incident with a more robust and mature security posture.

Step 1 — Finding out what happened

Beyond helping you to prevent a similar data breach, your organisation is likely required to report the details of a data breach to regulators. For organisations that hold data on EU citizens, the EU’s General Data Protection Regulations (GDPR) require a breached entity to provide full details of the breach within 72 hours. While New Zealand currently has voluntary notification, the government is pushing forward with legislation that resembles Australia’s Notifiable Data Breaches scheme. 

Of course, this easier said than done when Ponemon research reveals that it takes an average of 197 days to discover a data breach in the first place. In the event of a data breach, your incident response team should set out to understand: 

  • Which datasets were breached? 
  • Who is affected? 
  • Who has access to those datasets? 
  • What protection is in place currently?

Step 2 — Measuring your current security posture

Before you can begin implementing new security measures, you need to understand exactly what needs protection. By conducting thorough data discovery and classification processes, you can establish exactly where and how your most sensitive data is being stored. 

From this point, you can begin assessing your current security tools in relation to the level of risk that each data set carries. Some lower risk data won’t require the same level of protection as sensitive customer data for example.

Step 3 — Create an incident response team

Your ability to recover and respond to a data breach or security incident is almost as important as your ability to prevent a breach. Creating an incident response team will allow you to assign roles and establish a careful process for limiting the damage of future breaches. 

Part of the will involve assessing the necessary skill sets of your current team and identifying skill gaps for recruitment, or for engaging with a managed security services provider. Once assembled, your incident response team can routinely test your incident response plans for a variety of scenarios, enabling you to greatly reduce the fallout from a breach or attack.

Step 4 — Adopt a zero-trust security posture

If a breach is inevitable, a zero-trust security posture allows you to assume that no one with data access is 100% trustworthy. Although it may sound draconian, this approach ensures you have security solutions that segment and monitor use access and protect data itself. 

Part of a zero-trust security approach is the need to focus on endpoint security so that every device connecting to your network and applications is protected. While user awareness training is vital for limiting social engineering attacks such as phishing, having inbuilt security features on each device is the only way to stay completely secure. 

For organisations who want to ensure their end users are always secure, particularly with a large remote workforce, HP EliteBooks, powered by Intel® processors, are equipped with the most advanced device security on the market.  

  • HP Sure Sense – Harnesses the power of deep-learning AI to identify and quarantine never-before-seen attacks
  • HP Sure Click – Protect from websites and attachments with malware, with hardware-enforced security
  • HP Sure Start Gen5 – Firmware attacks can completely devastate your PC – stay protected with this self-healing BIOS.
Related industries
Financial services
Related solutions
Security