Kaspersky advises recovery steps for individuals and organizations after data breach
Kaspersky’s experts have expected the trend of personal data leaks to continue into 2023. Even though it directly influences individuals’ privacy, corporate cybersecurity is put at risk as well. People often use work email addresses to register with third-party sites, which can be exposed to a data leak. When sensitive information such as email addresses become publicly accessible, it may invoke the interest of cybercriminals and trigger discussions of potential attacks on the organization on darknet websites; additionally, the data can be used for phishing and social engineering.
Any organization today has to “assume breach,” from the smallest company keeping an offline backup away from the office to the largest enterprise looking to implement an advanced defense solution stack. Because the cost of a data breach includes not only financials to deal with recovery after attack, but also reputation damage and loss of business continuity.
Kaspersky’s experts recommend the checklist to ensure business can get back on track sooner and to strengthen your IT security operations after a data breach;
1. Assess the situation
Assess the data breach’s risk to customers. Risk assessment lets you decide the next steps, including whether to report the breach. If it’s a high risk to customers, you must inform them without undue delay.
2. Keep your CISO
Unless the incident can be directly attributed to an irreversible failure on the part of the CISO, don’t fire them to appease customers or shareholders. Your CISO will have the experience and knowledge you need to see you through this issue.
3. Be transparent and helpful
Don’t try to cover up the breach or hide details from those affected. When you tell customers what happened, give them advice on what to do next.
4. Make sure you notify everyone affected
If you’re processing data for other organizations, don’t forget to tell them about the breach. They will have steps they must take too.
5. Document everything
Document every data breach, even if you don’t have to report it. Record what happened, the steps you took and why the breach was reported or not reported.
6. Invest in building a cyber-aware culture
Strengthen cyber-awareness training for all employees. This can help your employees work together more effectively in the face of cybercriminals, and appreciate the difficulties the security team faces keeping the organization safe.
7. Plan your breach recovery strategy
The best time to prepare for your recovery from a breach is before it happens. Take one step today, maybe start to look at how your organization would detect a breach, or how you can test the detection capabilities you have.
Kaspersky experts also suggest deploying a comprehensive defensive concept that equips, informs and guides your team in their fight against the most sophisticated and targeted cyberattacks like the Kaspersky Extended Detection and Response (XDR) platform.
For individuals, below is a step-by-step guide detailing all of the measures you’ll need to take if you believe that you’ve been a victim of a personal data breach.
1. Figure out what data was breached and check for updates
If you have received a notification from a company stating that your information may have been exposed, or perhaps you saw information about a leak in the media, you should check with the company and ask them what type of information that includes. The most common forms of stolen personal data are name, email, password, phone number, ID number, address, and credit card information.
2. Update any exposed credentials
Change your password right away when in doubt. If you have reused your password on multiple sites, it is important to update all logins and follow good password hygiene. In general, it is best practice to have multiple passwords that are updated regularly (every 3 to 6 months). Use a password manager to keep track of everything.
3. Sign up for two-factor authentication
Double your online security by signing up for two-factor authentication (2FA) wherever the option is available. It is an extra level of security for your online accounts that requires you to enter an additional piece of identifying information.
4. Monitor all of your accounts
One set of exposed credentials can be easily cross-checked across many different websites, social media pages and subscriptions/memberships. It is important to watch for any strange activity in your accounts, such as new purchases, password changes and logins from different locations.
5.Protect your financial privacy
If payment information was leaked as part of a data breach, you should ask your bank to lock or pause your cards right away and send you a replacement one. If your financial details have been exposed and you have seen changes, you should take steps to freeze your credit. There is no cost incurred by doing this and it will prevent malicious actors from opening new credit accounts in your name.
