2. Srinivas Thimmaiah | DB - TWF | 20 July 2017 Page 2
Source: https://youtu.be/O4TFXDniG9w
3. Definition
Source: https://iapp.org/news/a/is-it-an-incident-or-a-breach-how-to-tell-and-why-it-matters/
The National Institute of Standards and Technology defines an event as “any observable occurrence in a system or network,” such as a server receiving a request for a web page, a user sending an e-mail message, or a firewall blocking an attempt to establish a connection.
A security or electronic incident is an event that violates an organization’s security policies and procedures. An incident is also defined as a “security event that compromises the confidentiality, integrity or availability of an information asset.”
A data breach is defined as an event in which an individual’s name and a medical record and/or a financial record or debit card are potentially put at risk either in electronic or paper format.
5. Data breaches root causes
Source: https://public.dhe.ibm.com/common/ssi/ecm/se/en/sel03130wwen/security-ibm-security-services-se-research-report-sel03130wwen-20180122.pdf
6. Breaches sector wise - 2017
Source: Verizon 2018 data breach report
7. Breaches sector wise - 2017
According to a study by KPMG, 19% of consumers would completely stop shopping at a retailer after a breach.
Source: Verizon 2018 data breach report
8. Equifax - Case study
Source: https://www.pbs.org/newshour/nation/equifax-hack-happened-according-ceo
10. Identifying breaches
Days to identify and contain the data breach over the past year
Source: https://public.dhe.ibm.com/common/ssi/ecm/se/en/sel03130wwen/security-ibm-security-services-se-research-report-sel03130wwen-20180122.pdf
Note: MTTI – Mean time to identify; MTTC – Mean time to contain
11. Identifying breaches
Source: https://public.dhe.ibm.com/common/ssi/ecm/se/en/sel03130wwen/security-ibm-security-services-se-research-report-sel03130wwen-20180122.pdf
Days to identify and contain the data breach incidents by root cause
Note: MTTI – Mean time to identify; MTTC – Mean time to contain
12. Breach notifications requirements
Source: https://csrps.com/meticulous-timeline-equifax-data-breach
To be
GDPR: 72 hrs (Article 33, EU GDPR)
HIPAA: 60 days (Breach Notification, 45 CFR 164.400-414)
13. Proactive steps before data breach
Source: https://csrps.com/meticulous-timeline-equifax-data-breach
Information classification
Zero trust network
Delete old, irrelevant data
Limit the places you store data
Outdated software and technology
Response plan
Reduce bring-your-own-device (BYOD) liability
Configuration management
Robust security awareness training
14. Not to Do
Source: https://csrps.com/meticulous-timeline-equifax-data-breach
Not conducting forensic investigation
Making false or misleading statements
Response on the fly
Going silent
Closing the incidents in a hurry
15. Do but Not
Source: https://www.cio.com.au/article/580908/5-steps-respond-security-breach/
Activate task force: Enabling incident response plan
Containment: Isolate from network, password reset
Assess the severity of breach: Who and what has been affected
Notification: Customer, legal/regulators
Lessons learned: Updating incident response plan
16. Flipside of breaches
Source: https://csrps.com/meticulous-timeline-equifax-data-breach
It was extremely proactive in its response, alerting customers even before they had a chance to fully confirm the breach.
Transparency
Abiding legal/regulatory obligations
Regular communication
Work as one team
TRUST
17. Let’s communicate
Source: https://www.headsup.org.au/training-and-resources/news/2015/04/24/seven-essentials-to-communicate-your-commitment-to-improving-workplace-mental-health