Effective security planning key for ensuring data privacy


This week is Privacy Awareness Week, a timely opportunity to remember that maintaining data privacy is heavily reliant on having effective IT security.  However, this needs to go well beyond measures that just protect systems against attack.

With the threat landscape constantly evolving, organisations of all sizes are forced to invest significant sums to ensure their systems can withstand a range of attacks. In most cases, a high proportion of this spend is allocated to tools and services that secure core systems, applications, and databases.

However, this approach can result in a significant shortfall in capabilities. It doesn’t ensure the organisation can respond quickly and effectively if an attack takes place. As a result, data privacy can be compromised with long-term reputational and legal consequences.

A response plan

As well as preventative security measures, it’s important for an organisation to also have a comprehensive plan in place that can guide any response to a successful cyberattack. This plan needs to be in place well ahead of time and cover a range of different factors. These include:

  • Review backup procedures: A first important step is to carefully review the methods being used for data backups. Determine where the backup files are being stored and the security in place to protect them. Also, review how long it would take to restore critical files and get systems up and running should an attack occur.
  • Create an action plan: If an attack is experienced, it’s vital to have a plan that details all steps that need to be completed. This should include everything from isolating infected systems to checking the extent of any data loss. The plan should be fully documented and made available to all staff who would be involved in a response.
  • Minimise disruption: Any attack is likely to have an immediate impact on business activity. For this reason, it’s important to understand what will be required to get things up and running again as quickly as possible. Steps may include spinning up applications on different hardware or shifting operations to a disaster recovery centre. Getting things back online rapidly is vital to ensure losses are kept to a minimum.
  • Conduct a privacy audit: It’s important to have a clear understanding of what data is stored where across the organisation. This will allow security teams to quickly assess exactly what has been compromised and the impact this could have on privacy. Conduct regular audits to determine where critical files are stored.
  • Develop a contact list: Should an attack occur, it will be important to notify any parties that could experience an impact. This could be anyone from customers and suppliers to staff and business partners. Once the extent of the attack is understood, these parties should be contacted as quickly as possible with the details.
  • Identify the security weakness: Successful cyberattacks will have managed to exploit a weakness in an organisation’s security defences. Carefully examine the entire IT infrastructure to determine how the attackers gained entry and take steps to ensure it can’t happen again in the future.
  • Educate staff: All too often, attacks occur as the result of actions taken by staff members. This could be anything from visiting an infected website to opening an email attachment from an unknown source. Conduct regular education sessions to ensure staff understand the risks and the steps they need to take to prevent attacks.

Ensuring effective data privacy is maintained at all times is no easy task. As well as having preventative measures in place, it’s also important to take time to consider what the response should be if and when an attack takes place. As well as enhancing privacy, this will ensure that operations can resume again as quickly as possible.

Derek Cowan
Derek Cowan is Director of Systems Engineering, APAC for Cohesity where he has a keen focus on data infrastructure management in support of public and private sector enterprise customer organisations. He has 25 years of experience in the IT industry having worked in technology engineering consultant positions for leading organisations, including IBM, EMC, VMware, Nimble Storage and Microsoft.