Compliance

09:00 AM
Claire Giordano
Claire Giordano
Commentary
50%
50%

5 Tips On How To Prepare For A Data Breach

Any financial institution's cyber security defenses will be breached -- again and again. Here are five tips to respond quickly and minimize damage.

Stealing credit card and financial data is a profitable business. Everyone has seen headlines about breaches at Sony, Target, USPS, and JPMorgan. With JPMorgan Chase, personal information for 83 million customers was stolen. The recent attack at Sony Pictures is a stark reminder that the theft of IP is a real possibility — and the recent FireEye FIN4 report characterizes activities of a group that has been infiltrating Wall Street to steal confidential information on business deals and financial markets.

Once you assume that your enterprise will be breached despite even the strongest security team and the best defenses: it’s time to get ready. Here are five tips on how to prepare for a data breach.

1. HAVE A STRONG INCIDENT RESPONSE PLAN
It’s important to create an incident response plan in advance, before a breach occurs. It cannot be an afterthought. Your organization will need a command center, established decision makers, and powerful investigative tools. You’ll need data to do the forensic analysis—so you should be collecting network traffic data now, in advance. And key to your brand and reputation is: what is your communication plan? Who do you need to notify? What will you tell board members? What will you tell customers?

2. ERADICATE COMPLACENCY
T
he military uses war gaming techniques to prepare for battle, and many corporations use dry-runs to improve skills. Adopt these approaches. Simulate cyber attacks to find holes in your incident response. You shouldn’t be executing your plan for the first time when your business is under attack. And while you may not be able to prevent all breaches, you should be diligent in your efforts to reduce the human errors that make it easier for cybercriminals to gain access. Make sure your security patch management is a well-oiled machine, and that your process for cutting off lost employee devices is swift and immediate. One way criminals skirt defenses today is to steal an employee’s credentials via a sophisticated spear phishing attack. The time may have come to adopt two-factor authentication to mitigate the impact of stolen password credentials.

Read the complete article (and all 5 tips for preparing for data breaches) at Wall Street & Technology.

Claire Giordano is Senior Director of Emerging Storage Markets at Quantum, focused on cybersecurity, geospatial, and other demanding government workflows. Ms. Giordano has over 20 years of experience in product management and engineering, and earned an Sc.B. degree from Brown ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
DorisG987
50%
50%
DorisG987,
User Rank: Apprentice
1/25/2015 | 8:54:33 PM
Cybersecurity Boardroom Workshop 2015
President Barack Obama focused on a number of new cyber security proposals that will encourage greater information sharing between the government and corporations. How boards of directors and CXOs can build the proper foundation to address today's IT security challenges is the topic of Golden Networking's Cybersecurity Boardroom Workshop 2015, 2-day seminar well-known cybersecurity expert Edgar Perez will conduct in Dubai, Hong Kong, Seoul, Singapore, London and New York City. This is the first seminar developed for leaders for whom cybersecurity preparedness is a relatively new yet critically important area to be intelligently conversant about.
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.