Cybersecurity, data breaches and data protection: if you haven’t heard these terms before, you really need to do your homework. According to Accenture’s Cost of Cyber Crime Study, security breaches have almost doubled since 2012, and an average of 130 disruptive incidents had been recorded by the end of 2016.
With the steady expansion of the Internet of Things, and companies making efforts to shift their businesses to the cloud, the number of potential targets for cybercriminals has grown, making cyber-security worries even more justified than ever before.
Looking back, 2016 was actually a year of optimism and good news for data protection: after four years of preparation and debate, the GDPR was finally approved by the EU Parliament. But the hopefulness was short-lived, as 2017 brought a surge of cyber-attacks and data frauds, and the resulting concern is reflected in the Global Risks Perception Survey (GRPS): the threat of a cyber-attack had finally made it to the top of the list of the gravest risks to the global economic and political order.
As businesses kept reporting disruptive events, the pendulum of blaming and shaming for data negligence swung from public sector organisations such as the NHS to corporate ones like Yahoo, Deloitte and Equifax. Companies were condemned for security complacency and data protection violations that the media described as just as harmful to data subjects as the attacks themselves. Yet the damage to their reputation was only one side of the coin; the financial consequence was the other. Trust in compromised businesses was shrinking, and the costs of responding to cyber-attacks were soaring.
According to the same study, which covered 254 companies across seven countries (Australia, France, Germany, Italy, Japan, the United Kingdom and the United States), the global average cost of cyber-crime per company in 2017 was estimated at $11.7 million. The largest costs recorded were directly related to the influx of ransomware such as NotPetya, which demanded payment in Bitcoin to unlock infected infrastructure (a payment that, in NotPetya’s case, did not actually recover anything, because the malware could not decrypt what it had encrypted). Among large companies, however, a higher proportion of costs was related to DDoS attacks, which brought their business continuity to a halt.
Examining the trajectory of cyber-attacks shows that full recovery after a data protection breach is only possible if the work to meet technology and data protection compliance has been done ahead of the disruptive incident. Even though there is no “silver bullet” for cyber-crime, cyber-security advocates agree that businesses and organisations should implement protective and proactive measures to keep their infrastructure safe.
Four ways to recover from a Data Protection Breach:
1. Assess the damage caused – A compromised security infrastructure doesn’t have to turn into a failure of the business continuity management system, provided you and your team know how to approach a disruptive incident properly. Secure the premises and the affected systems, note the time and date the breach was discovered (the notification clock described below runs from that moment), preserve logs and other evidence before anything is wiped or rebuilt, and contact a disaster recovery team to assess the damage and advise on further steps.
2. Don’t hide it. Report it – From 25 May 2018, data controllers and data processors will be subject to the GDPR’s data breach notification regime. This means that data processors will be obliged to inform data controllers of any incident in which personal data might have been compromised.
Similarly, data controllers will have to report personal data breaches to their supervisory authority and, where the breach is likely to result in a high risk to them, to the people whose personal information was exposed by the unauthorised access. Processors must notify the controller without undue delay once they become aware of the incident, and controllers have 72 hours from becoming aware of the breach to notify the supervisory authority.
This means that businesses will need to create, and follow, internal breach notification procedures. Incident identification systems and incident response plans need to be integrated into business operations.
When a disruptive event occurs, these procedures should be treated as important steps of your recovery strategy.
3. Follow the implemented recovery programme – A recovery programme is a step-by-step manual of what needs to be done to reactivate your IT infrastructure and avoid costly outages. It is especially useful in the case of disruptive events and needs to be planned for in advance.
The objective of any recovery service is to be able to retrieve all of your lost data from a secured recovery centre and connect it to a safe backup infrastructure while the data recovery team works to restore the infected computer infrastructure.
If your IT resources are hosted on your premises, you can decide which recovery processes to maintain in-house and which to outsource. All recovery programmes should be tailored to your recovery time and recovery point objectives (RTOs/RPOs), and the only way to know they meet them is to test restores regularly rather than assume the backups are good. Keep at least one copy offline or otherwise unreachable from the production network, so that ransomware like NotPetya cannot encrypt the backups along with the systems they are meant to protect.
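As an added example (not code from the original article), the following Python script evaluates a recovery plan against its backup catalogue: for each system it checks the age of the newest backup against the RPO, recomputes the backup’s SHA-256 digest against the one recorded when the copy was made, and compares the last measured restore-drill time against the RTO. The systems, times, payloads and the idea of a digest-bearing catalogue are assumptions made for the example; in practice the payload would be a file in the recovery centre rather than bytes in memory.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional


@dataclass(frozen=True)
class RecoveryTarget:
    """What the recovery programme promises for one system."""
    system: str
    rpo: timedelta  # maximum tolerable data loss (age of the newest usable backup)
    rto: timedelta  # maximum tolerable downtime (time to bring the system back)


@dataclass(frozen=True)
class BackupRecord:
    """One entry in the (hypothetical) backup catalogue at the recovery centre."""
    system: str
    taken_at: datetime
    payload: bytes                      # the backup itself; kept in memory so the example runs offline
    sha256: str                         # digest recorded by the backup job when the copy was made
    restore_drill: Optional[timedelta]  # measured restore time in the last drill, None if never tested


def check_target(target: RecoveryTarget, record: BackupRecord, now: datetime) -> List[str]:
    """Return the gaps between what the plan promises and what the catalogue proves."""
    findings: List[str] = []
    age = now - record.taken_at
    if age > target.rpo:
        findings.append(f"RPO: newest backup is {age} old, objective is {target.rpo}")
    # A backup that no longer matches its recorded digest is useless: corrupted, or
    # tampered with by the same attacker you are recovering from.
    if hashlib.sha256(record.payload).hexdigest() != record.sha256:
        findings.append("INTEGRITY: backup digest does not match the catalogue")
    if record.restore_drill is None:
        findings.append("RTO-UNVERIFIED: no restore drill has ever been run")
    elif record.restore_drill > target.rto:
        findings.append(f"RTO: last restore took {record.restore_drill}, objective is {target.rto}")
    return findings


def assess_recovery_plan(targets: List[RecoveryTarget], catalogue: List[BackupRecord],
                         now: datetime) -> Dict[str, List[str]]:
    """Evaluate every system in the plan against the newest backup it has."""
    newest: Dict[str, BackupRecord] = {}
    for rec in catalogue:
        if rec.system not in newest or rec.taken_at > newest[rec.system].taken_at:
            newest[rec.system] = rec
    report: Dict[str, List[str]] = {}
    for target in targets:
        rec = newest.get(target.system)
        if rec is None:
            report[target.system] = ["NO-BACKUP: system is in the plan but not in the catalogue"]
        else:
            report[target.system] = check_target(target, rec, now)
    return report


def _digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def demo() -> Dict[str, List[str]]:
    """Run the check over a constructed catalogue (hypothetical systems, times and data)."""
    now = datetime(2018, 3, 1, 9, 0, tzinfo=timezone.utc)
    h = timedelta(hours=1)
    targets = [
        RecoveryTarget("crm-db", rpo=1 * h, rto=4 * h),
        RecoveryTarget("file-share", rpo=24 * h, rto=8 * h),
        RecoveryTarget("mail", rpo=4 * h, rto=2 * h),
        RecoveryTarget("hr-portal", rpo=24 * h, rto=24 * h),
    ]
    crm_old, crm_new = b"crm rows as of 07:00", b"crm rows as of 08:30"
    share, mail = b"file-share snapshot", b"mailbox export"
    catalogue = [
        BackupRecord("crm-db", now - 2 * h, crm_old, _digest(crm_old), 3 * h),
        BackupRecord("crm-db", now - timedelta(minutes=30), crm_new, _digest(crm_new), 3 * h),
        BackupRecord("file-share", now - 36 * h, share, _digest(share), None),
        # the digest recorded at backup time no longer matches the bytes on disk
        BackupRecord("mail", now - 3 * h, mail, "0" * 64, 5 * h),
    ]
    return assess_recovery_plan(targets, catalogue, now)


if __name__ == "__main__":
    for system, gaps in demo().items():
        print(system, "OK" if not gaps else "; ".join(gaps))
```

Run as a script it prints one line per system. The point is that a plan “tailored to RTOs/RPOs” only means something if both are measured on a schedule, and a backup that fails its integrity check should be counted as no backup at all.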
4. Provide ample work space for your team – Unless you run a tiny startup, the chances of squeezing your whole team into a cafe are slim. You can assume people will muddle through for weeks while working from home, but you will soon find that this only makes the whole situation more difficult.
If a disastrous event compromises your on-site infrastructure, it’s a good idea to consider secured and customised Workplace Recovery Services, equipped with networked PCs and high-speed Internet. This will help your team do their work with minimum disruption while your databases are being restored.