SecurityMetrics, profile picture
Uploaded bySecurityMetrics
79 views

5 Steps to Manage a Data Breach

This document outlines 5 steps to successfully protect an organization's brand image in the event of a data breach: 1. Contain the breach by isolating affected systems, implementing an incident response plan, and preserving evidence. 2. Investigate to fix systems and prevent further damage by following the incident response plan and assembling an incident response team. 3. Consider public communications by determining notification procedures, identifying spokespeople, and crafting audience-specific statements with legal counsel.

Embed presentation

Download to read offline
Successfully Protecting Your Organization's Brand Image If you suspect a data breach, your goal is clear: stop information from being stolen, and repair your systems so it won’t happen again. The following 5 steps will help you successfully stop information from being stolen, mitigate further damage, and restore franchise operations as quickly as possible. OF BREACHES INVESTIGATED BY SECURITYMETRICS FORENSIC INVESTIGATORS: A BUSINESS TYPICALLY LEARNS THEY’VE BEEN BREACHED IN ONE OF FOUR WAYS: 33%Food Services Retail Trade Hospitality 29% 10% HOTELHOTEL A bank informs you Law enforcement Discovered Internally A customer's complaint DO YOU SUSPECT A DATA BREACH? consulting@securitymetrics.com 801.705.5656 ISOLATE THE AFFECTED SYSTEM(S) TO PREVENT FURTHER DAMAGE. CONTAIN THE BREACH3.3. Implement your IRP Disconnect from the Internet Document the entire incident Disable remote access capability and wireless access points Change access control credentials (usernames and passwords) Segregate all hardware devices in the payment process Quarantine instead of deleting (removing) identified malware Preserve firewall settings, firewall logs, system logs, and security logs Restrict Internet traffic Contact your merchant processing bank Consider hiring a law firm experienced in managing data breaches 2.2.PRESERVE EVIDENCE WHEN YOU OR YOUR FRANCHISEES DISCOVER A BREACH, REMEMBER: Don’t panic Don’t take any hasty actions Don’t wipe and re-install your systems (yet) Do follow your incident response plan START YOUR INCIDENT RESPONSE PLAN1.1. Assemble your Incident Response team immediately Inform franchisees of your IRP Teach franchisees of immediate and long-term actions 4.4.CONSIDER PUBLIC COMMUNICATIONS Determine how and when notifications will be made Know legislated mandatory time frames Identify who is responsible for public statements Seek the guidance of your legal counsel Don't allow employees to announce the breach Craft specific statements that target various audiences INVESTIGATE, FIX YOUR SYSTEMS, AND IMPLEMENT YOUR CYBER INSURANCE PLAN5.5. BRING AFFECTED SYSTEMS BACK ONLINE Ensure all systems have been: Hardened Patched Replaced Tested SET YOUR BREACH PROTECTION SERVICES INTO MOTION Breach protection services can reimburse for: Forensic investigation fees Notification costs Card brand fines REMEMBER, PRACTICE REDUCES PANIC!REMEMBER, PRACTICE REDUCES PANIC! © 2016 SecurityMetrics

More Related Content

PPTX
Website security
byRIPPER95
 
PPTX
Computer security
byCarolyn Brockman
 
PDF
CYBER ATTACK RECOVERY GUIDE
byMUHAMMAD HUZAIFA CHAUDHARY
 
PPTX
LTS Secure offers PIM User Activity Monitoring
byrver21
 
PPTX
Priviledged Identity Management
byrver21
 
PDF
What Does a Data Breach Cost?
byCBT Nuggets
 
PPTX
Tips for Securing Your Workstation
byBrian Solomon, MBA
 
PDF
Ransomware
byManashay raju Yannapu CISM ,AWS AI/ML
 
Website security
byRIPPER95
 
Computer security
byCarolyn Brockman
 
CYBER ATTACK RECOVERY GUIDE
byMUHAMMAD HUZAIFA CHAUDHARY
 
LTS Secure offers PIM User Activity Monitoring
byrver21
 
Priviledged Identity Management
byrver21
 
What Does a Data Breach Cost?
byCBT Nuggets
 
Tips for Securing Your Workstation
byBrian Solomon, MBA
 
Ransomware
byManashay raju Yannapu CISM ,AWS AI/ML
 

What's hot

PDF
Security Scare - Cybersecurity & What to Do About It!
byCraig Rispin
 
PDF
Security Operations Strategies
bySiemplify
 
PPT
Ahearn Security Presentation
byjohnjamesahearn
 
PDF
Ri cyber-security-for-your-small-business
byMeg Weber
 
PPT
29386971 hacking
byjoeymar143
 
PDF
Ransomware Prevention Guide
byBrian Honan
 
PPTX
Courion Survey Findings: Access Risk Attitudes
byCourion Corporation
 
DOCX
Information security policy
byBalachanderThilakar1
 
PPT
DataPreserve- SEVRAR Jan 09
byMike Garland
 
PPTX
Phishing: How to get off the hook using Intelligent IAM
byCourion Corporation
 
PDF
Is Your Data Secure?
byCBIZ & MHM Phoenix
 
PPTX
Insider Threats: Out of Sight, Out of Mind?
byObserveIT
 
PPTX
10 Steps to Better Security Incident Detection
byTripwire
 
PDF
WHY WE FAIL TO DETECT HACKERS ON THE INTERNET
bynetmonastery
 
PPTX
Nagios Conference 2014 - Abbas Haider Ali - Proactive Alerting and Intelligen...
byNagios
 
PPSX
BSA/AML Title 31 Software beyond compare!
byStringfellow Consulting Services
 
PPTX
Computer security b
byCarolyn Brockman
 
PPTX
Computer Security B
byCarolyn Brockman
 
Security Scare - Cybersecurity & What to Do About It!
byCraig Rispin
 
Security Operations Strategies
bySiemplify
 
Ahearn Security Presentation
byjohnjamesahearn
 
Ri cyber-security-for-your-small-business
byMeg Weber
 
29386971 hacking
byjoeymar143
 
Ransomware Prevention Guide
byBrian Honan
 
Courion Survey Findings: Access Risk Attitudes
byCourion Corporation
 
Information security policy
byBalachanderThilakar1
 
DataPreserve- SEVRAR Jan 09
byMike Garland
 
Phishing: How to get off the hook using Intelligent IAM
byCourion Corporation
 
Is Your Data Secure?
byCBIZ & MHM Phoenix
 
Insider Threats: Out of Sight, Out of Mind?
byObserveIT
 
10 Steps to Better Security Incident Detection
byTripwire
 
WHY WE FAIL TO DETECT HACKERS ON THE INTERNET
bynetmonastery
 
Nagios Conference 2014 - Abbas Haider Ali - Proactive Alerting and Intelligen...
byNagios
 
BSA/AML Title 31 Software beyond compare!
byStringfellow Consulting Services
 
Computer security b
byCarolyn Brockman
 
Computer Security B
byCarolyn Brockman
 

Similar to 5 Steps to Manage a Data Breach

PPTX
I’ve Been Hacked  The Essential Steps to Take Next
byBrian Pichman
 
PPTX
CyberCare Pro - Cybersecurity for SME's updated.pptx
bymargueritemcleod1
 
PDF
Data Breach Response: A Guide for Business
by- Mark - Fullbright
 
PDF
Data Breach Response: Before and After the Breach
byFinancial Poise
 
PPTX
Cyber security threats and its solutions
bymaryrowling
 
PDF
Data Security: A field guide for franchisors
byGrant Thornton LLP
 
PPT
Tips to Protect Your Organization from Data Breaches and Identity Theft
byCase IQ
 
PPT
Statewide Insurance Brokers - Cyber Insurance 101
byStatewide Insurance Brokers
 
PDF
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
byCyberPro Magazine
 
PDF
Ways to Safeguard Your Business from a Data Breach
byThe Inc Magazine
 
PDF
Cybersecurity a short business guide
bylarry1401
 
PDF
Measure To Avoid Cyber Attacks
bySkillmine Technology Consulting
 
PDF
Measures to Avoid Cyber-attacks
bySkillmine Technology Consulting
 
PPSX
November 2017: Part 6
byseadeloitte
 
PPT
FTC Protecting Info A Guide For Business Powerpoint
byBucacci Business Solutions
 
PDF
Treat a Breach Like a Customer, Not a Compliance Issue
byResilient Systems
 
PPT
George Gavras 2010 Fowler Seminar
byDon Grauel
 
PPTX
Certified Banking TPM - Module 3 powerpoint presentation
bytrevor501353
 
PDF
Data Breaches - Sageworks, Inc., Webinar Series by Douglas Jambor
byTurner and Associates, Inc.
 
PDF
ISACA Los Angeles 2010 Compliance - Ulf Mattsson
byUlf Mattsson
 
I’ve Been Hacked  The Essential Steps to Take Next
byBrian Pichman
 
CyberCare Pro - Cybersecurity for SME's updated.pptx
bymargueritemcleod1
 
Data Breach Response: A Guide for Business
by- Mark - Fullbright
 
Data Breach Response: Before and After the Breach
byFinancial Poise
 
Cyber security threats and its solutions
bymaryrowling
 
Data Security: A field guide for franchisors
byGrant Thornton LLP
 
Tips to Protect Your Organization from Data Breaches and Identity Theft
byCase IQ
 
Statewide Insurance Brokers - Cyber Insurance 101
byStatewide Insurance Brokers
 
Safeguarding Your Business: Understanding, Preventing, and Responding to Data...
byCyberPro Magazine
 
Ways to Safeguard Your Business from a Data Breach
byThe Inc Magazine
 
Cybersecurity a short business guide
bylarry1401
 
Measure To Avoid Cyber Attacks
bySkillmine Technology Consulting
 
Measures to Avoid Cyber-attacks
bySkillmine Technology Consulting
 
November 2017: Part 6
byseadeloitte
 
FTC Protecting Info A Guide For Business Powerpoint
byBucacci Business Solutions
 
Treat a Breach Like a Customer, Not a Compliance Issue
byResilient Systems
 
George Gavras 2010 Fowler Seminar
byDon Grauel
 
Certified Banking TPM - Module 3 powerpoint presentation
bytrevor501353
 
Data Breaches - Sageworks, Inc., Webinar Series by Douglas Jambor
byTurner and Associates, Inc.
 
ISACA Los Angeles 2010 Compliance - Ulf Mattsson
byUlf Mattsson
 

More from SecurityMetrics

PDF
Window of Compromise
bySecurityMetrics
 
PDF
Securing Your Remote Access Desktop Connection
bySecurityMetrics
 
PDF
How to Secure Your Medical Devices
bySecurityMetrics
 
PDF
Medical Data Encryption 101
bySecurityMetrics
 
PDF
How to Prepare for a PCI DSS Audit
bySecurityMetrics
 
PPTX
Understanding the New PCI DSS Scoping Supplement
bySecurityMetrics
 
PPTX
Auditing Archives: The Case of the Evil Java Script
bySecurityMetrics
 
PPTX
The Case of the Suspiciously Flawless Investigation
bySecurityMetrics
 
PDF
Don't Let Phishing Emails Hook Your Empolyees
bySecurityMetrics
 
PDF
How to Effectively Manage a Data Breach
bySecurityMetrics
 
PPTX
Auditing Archives: The Case of the File Sharing Franchisee
bySecurityMetrics
 
PDF
5 Documents to Prepare for a HIPAA Audit
bySecurityMetrics
 
PPTX
The Case of the Mistaken Malware
bySecurityMetrics
 
PPTX
Hipaa Reality Check
bySecurityMetrics
 
PPTX
What Does the End of Windows XP Mean For Businesses?
bySecurityMetrics
 
PPTX
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
bySecurityMetrics
 
PDF
The 5 Step HIPAA Risk Analysis
bySecurityMetrics
 
PPTX
The Case of the Stockpiled Credit Cards
bySecurityMetrics
 
PDF
HIPAA PHI Protection: Where is Your PHI Stored?
bySecurityMetrics
 
PDF
What's Causing You to Store Unencrypted Payment Cards?
bySecurityMetrics
 
Window of Compromise
bySecurityMetrics
 
Securing Your Remote Access Desktop Connection
bySecurityMetrics
 
How to Secure Your Medical Devices
bySecurityMetrics
 
Medical Data Encryption 101
bySecurityMetrics
 
How to Prepare for a PCI DSS Audit
bySecurityMetrics
 
Understanding the New PCI DSS Scoping Supplement
bySecurityMetrics
 
Auditing Archives: The Case of the Evil Java Script
bySecurityMetrics
 
The Case of the Suspiciously Flawless Investigation
bySecurityMetrics
 
Don't Let Phishing Emails Hook Your Empolyees
bySecurityMetrics
 
How to Effectively Manage a Data Breach
bySecurityMetrics
 
Auditing Archives: The Case of the File Sharing Franchisee
bySecurityMetrics
 
5 Documents to Prepare for a HIPAA Audit
bySecurityMetrics
 
The Case of the Mistaken Malware
bySecurityMetrics
 
Hipaa Reality Check
bySecurityMetrics
 
What Does the End of Windows XP Mean For Businesses?
bySecurityMetrics
 
Auditing Archives: The Case of the Overly Helpful Front Desk Clerk
bySecurityMetrics
 
The 5 Step HIPAA Risk Analysis
bySecurityMetrics
 
The Case of the Stockpiled Credit Cards
bySecurityMetrics
 
HIPAA PHI Protection: Where is Your PHI Stored?
bySecurityMetrics
 
What's Causing You to Store Unencrypted Payment Cards?
bySecurityMetrics
 

Recently uploaded

PPTX
prevention for internet it is very important and good go check out
byUditi Uditi
 
PDF
Security and confidentiality in big data.pdf
byrayessafa21
 
PPTX
Enhanced signature verification through the integration of divers' models, op...
bychWaqasZahid
 
PDF
SIH2025-IDEA-Presentation-Innogenix320250929144422.pdf
bydevichokkakulacse1
 
PDF
Best Web to Learn About Buying Verified Payeer Accounts (Los Angeles).pdf
byhttps://topsellerit.com/product/buy-verified-binance-accounts/
 
PDF
[DSC Europe 25] Andrzej Kowalczyk - AI - how to start small and grow in the f...
byDataScienceConferenc1
 
PPTX
Child Safeguarding training ppt for one day.pptx
bymeasho Birhanu
 
PDF
[DSC Europe 25] Elena Menshikova - AI-Powered Operational Excellence: Revolut...
byDataScienceConferenc1
 
PDF
[DSC Europe 25] Bojan Djuricic - Predictive Design Process.pdf
byDataScienceConferenc1
 
PPTX
Week1_Introduction_to_Machine_Learning.pptx
byssuser211a6f
 
PPTX
Technical_Workflow_of_Indian_Startup_Funding_Trends_Project_1 (4).pptx
byAryanthakur98
 
PDF
Power BI Sales Analysis: Performance, Trends, and Strategic Insights my final...
bymaduruth09
 
PDF
Bratislava Tableau User group (BA_TUG) - 15_01_2026 - in-person meeting.pdf
byPavol Hromadka
 
PDF
Community re-Invent re-Cap Slides AWS UserGroup Hamburg 01/2026
byAlexeyVidanov1
 
PPTX
WEP PROGRAMMING textbook important notes.pptx
byRKARTHIKSHYAVI
 
PPTX
Artificial neural network Available for instant download in exchange for a bi...
byvinstonr
 
PDF
Comprehensive Power BI Dashboard for Data-Driven Business Insights and Perfor...
byNusrat Gulbarga
 
PPTX
2026 Retreat Presentations (GREBS and WRAPS).pptx
bytobacalebakanmu
 
PDF
The Creative Force Behind Iconic Worlds: Dan Houser's The "Four-Dimensional M...
bySubtract 8
 
PPTX
[DSC Europe 25] Slobodan Dolinic - Smart and Intelligent Green Region.pptx
byDataScienceConferenc1
 
prevention for internet it is very important and good go check out
byUditi Uditi
 
Security and confidentiality in big data.pdf
byrayessafa21
 
Enhanced signature verification through the integration of divers' models, op...
bychWaqasZahid
 
SIH2025-IDEA-Presentation-Innogenix320250929144422.pdf
bydevichokkakulacse1
 
Best Web to Learn About Buying Verified Payeer Accounts (Los Angeles).pdf
byhttps://topsellerit.com/product/buy-verified-binance-accounts/
 
[DSC Europe 25] Andrzej Kowalczyk - AI - how to start small and grow in the f...
byDataScienceConferenc1
 
Child Safeguarding training ppt for one day.pptx
bymeasho Birhanu
 
[DSC Europe 25] Elena Menshikova - AI-Powered Operational Excellence: Revolut...
byDataScienceConferenc1
 
[DSC Europe 25] Bojan Djuricic - Predictive Design Process.pdf
byDataScienceConferenc1
 
Week1_Introduction_to_Machine_Learning.pptx
byssuser211a6f
 
Technical_Workflow_of_Indian_Startup_Funding_Trends_Project_1 (4).pptx
byAryanthakur98
 
Power BI Sales Analysis: Performance, Trends, and Strategic Insights my final...
bymaduruth09
 
Bratislava Tableau User group (BA_TUG) - 15_01_2026 - in-person meeting.pdf
byPavol Hromadka
 
Community re-Invent re-Cap Slides AWS UserGroup Hamburg 01/2026
byAlexeyVidanov1
 
WEP PROGRAMMING textbook important notes.pptx
byRKARTHIKSHYAVI
 
Artificial neural network Available for instant download in exchange for a bi...
byvinstonr
 
Comprehensive Power BI Dashboard for Data-Driven Business Insights and Perfor...
byNusrat Gulbarga
 
2026 Retreat Presentations (GREBS and WRAPS).pptx
bytobacalebakanmu
 
The Creative Force Behind Iconic Worlds: Dan Houser's The "Four-Dimensional M...
bySubtract 8
 
[DSC Europe 25] Slobodan Dolinic - Smart and Intelligent Green Region.pptx
byDataScienceConferenc1
 

5 Steps to Manage a Data Breach

  • 1.
    Successfully Protecting YourOrganization's Brand Image If you suspect a data breach, your goal is clear: stop information from being stolen, and repair your systems so it won’t happen again. The following 5 steps will help you successfully stop information from being stolen, mitigate further damage, and restore franchise operations as quickly as possible. OF BREACHES INVESTIGATED BY SECURITYMETRICS FORENSIC INVESTIGATORS: A BUSINESS TYPICALLY LEARNS THEY’VE BEEN BREACHED IN ONE OF FOUR WAYS: 33%Food Services Retail Trade Hospitality 29% 10% HOTELHOTEL A bank informs you Law enforcement Discovered Internally A customer's complaint DO YOU SUSPECT A DATA BREACH? consulting@securitymetrics.com 801.705.5656 ISOLATE THE AFFECTED SYSTEM(S) TO PREVENT FURTHER DAMAGE. CONTAIN THE BREACH3.3. Implement your IRP Disconnect from the Internet Document the entire incident Disable remote access capability and wireless access points Change access control credentials (usernames and passwords) Segregate all hardware devices in the payment process Quarantine instead of deleting (removing) identified malware Preserve firewall settings, firewall logs, system logs, and security logs Restrict Internet traffic Contact your merchant processing bank Consider hiring a law firm experienced in managing data breaches 2.2.PRESERVE EVIDENCE WHEN YOU OR YOUR FRANCHISEES DISCOVER A BREACH, REMEMBER: Don’t panic Don’t take any hasty actions Don’t wipe and re-install your systems (yet) Do follow your incident response plan START YOUR INCIDENT RESPONSE PLAN1.1. Assemble your Incident Response team immediately Inform franchisees of your IRP Teach franchisees of immediate and long-term actions 4.4.CONSIDER PUBLIC COMMUNICATIONS Determine how and when notifications will be made Know legislated mandatory time frames Identify who is responsible for public statements Seek the guidance of your legal counsel Don't allow employees to announce the breach Craft specific statements that target various audiences INVESTIGATE, FIX YOUR SYSTEMS, AND IMPLEMENT YOUR CYBER INSURANCE PLAN5.5. BRING AFFECTED SYSTEMS BACK ONLINE Ensure all systems have been: Hardened Patched Replaced Tested SET YOUR BREACH PROTECTION SERVICES INTO MOTION Breach protection services can reimburse for: Forensic investigation fees Notification costs Card brand fines REMEMBER, PRACTICE REDUCES PANIC!REMEMBER, PRACTICE REDUCES PANIC! © 2016 SecurityMetrics