In 2014, Code Spaces, a SaaS provider, was hacked. It all started with a well-orchestrated distributed denial-of-service (DDoS) attack, after which the hackers deleted important data and asked the business for a “large fee” to resolve the issue.
Code Spaces shut its doors a few months later. In a statement, the company explained that they simply could not recover from the security breach.
“Code Spaces will not be able to operate beyond this point, the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility.”
What happened to Code Spaces is any business owner and IT manager’s worst nightmare. And even if you have the most state-of-the-art firewalls in place, the reality is that you can still be hit by a security breach. The trick is knowing how to recover when things go wrong.
Take a look at this list to find what you can do to recover from a security breach.
So something’s gone wrong. The worst thing you can do is hide it from customers and staff. Communicate with all affected parties. If you inform staff about what has happened, everyone can work together to get things back up and running. And when announcing the security breach to the public, be open, offer details about the incident, explain how this affects users and invite clients and customers to participate in a dialogue about what happened.
Communication is a key component of your business' continuity plan. This plan must include scenario modelling in the case of a cyber incident as time is of the essence in a cyberattack, and the response plan must be tailored to manage the customers, shareholders and market impact of the brand.
Often the weakest link in the defence chain is your employees. According to Heimdal Security, your employees are either advertently or inadvertently putting you at risk. Training is the first step to mitigating this risk. By teaching them how to identify suspicious activities and to be cautious of things like unsolicited emails you’re empowering them to keep the business safe. And with the right training they’ll also have all the expertise they need to respond appropriately should a data breach occur.
Check backups and logs
Much like taking out car insurance, backups ensure that a business can get back up and be running as quickly as possible should something go wrong. IT departments must create regular backups, especially of business-critical information, so that no information is lost in the event of a system failure. This allows everyone to get back to work as quickly as possible. Keeping logs helps IT staff to identify how networks and systems were affected by the breach and enable them to better respond to breaches should they happen again in the future.
Where did it all go wrong?
To prevent future attacks, one should identify all factors that may have contributed to the breach. And then, fix these problems. In doing so, you’re simply plugging any holes that could make your business a target for hackers in the future.
Implementing a proactive approach
They say that the best offence is a good defence. It’s easier to effectively safeguard yourself against an attack than it is to respond once a data breach has occurred. A proactive approach to security is all about preventing problems before they happen.
Ensure the basics are covered, have policies and controls in place for:
- Patch management
- Privileged user and Identity management
- Access Control
- Data loss prevention
- Segregation of duties
- Remote Access
- 3rd party access
If your company has adopted a “this will never happen to me” approach to security, it’s time to change your strategy. Everyone is a risk and just one incident could be the difference between success and failure. Just ask Code Spaces. If you’re unsure of your security needs, take a look at our Cybersecurity In-house vs. outsourcing fact sheet.