JM | Jan 25, 2023

How to create a contingency plan for a breach of data

/ Our Today

Reading Time: 3 minutes

January 28th marks International Data Protection Day, established in 2006 by the Committee of Ministers of the Council of Europe. This date reminds us that in today’s hyper-connected world it is more important than ever to protect the most valuable thing our customers, users and employees have: their data.

We are experiencing growth on cyber threats with the arrival of new digital technologies, the permanence of hybrid and remote work models, and the increasing number of critical applications in the cloud. According to data from Fortinet’s threat intelligence department, FortiGuard Labs, in the first half of 2022 alone, a total of 137 billion cyberattack attempts were detected in Latin America and the Caribbean. 

“An incident related to data theft can have serious consequences not only legally but also at a reputational level, which will inevitably impact the operation and therefore the finances of a company,” says Ronald Donaldson, Country Manager at Fortinet Jamaica.

He added that “having an integrated cybersecurity architecture that addresses every access point to the network and avoids complexity by unifying management and control for greater visibility is key to reducing risk and responding to a potential breach.”

Ronald Donaldson, Country Manager in Fortinet Jamaica.

With this in mind, Fortinet’s cybersecurity experts share seven key steps for companies to start creating a contingency plan in case they fall victim to a cyberattack that compromises their organization’s data:

1.    The first and most important step is to make an inventory to determine which data and resources have been compromised or stolen, and which business processes are affected by this. At the same time also analyze which systems in the architecture have been attacked.

2.    It is important to analyse which regulatory requirements have to be met, as a general rule critical data should be kept offline for at least one year.

3.    Review which local authorities and regulatory bodies need to be involved. This is especially critical for highly regulated organisations such as those in the banking, mining, or energy sectors, among others, as failure to do so can result in significant fines.

4.    Collect as much evidence as possible in case the incident has legal consequences.

5.    As the breached systems will need to be quarantined, it is important to have redundancy systems in place so that forensic analysis can be carried out. Quarantine capabilities are especially important to prevent the attack from spreading.

6.    Having the technological tools that allow the IT team to trace the attack path to its entry, so that it can counter and isolate it, as well as identify which other systems have been hacked.

7.    Finally, it is essential to train and raise awareness of cybersecurity issues among all employees of the organization, regardless of which department they belong to, since in this way we can not only prevent them but also have a human shield to help us detect and report any irregularity.

Cybersecurity experts warn that data breaches are on the rise, the most important thing is that organizations are prepared to prevent or deal with the data loss associated with a successful attack. For this reason, companies should concentrate their efforts on implementing an integrated network and digital security architecture that emphasizes incident prevention and response, as well as leveraging artificial intelligence resources to lessen the potential impact of a data breach.


What To Read Next