So your customer suspects they may have a cyber security incident – what should they expect and how can you walk them through it? Blaine C. Kimrey of Vedder Price has the answers.
Before anything else, Blaine urges customers to call a lawyer or “breach coach” like Blaine himself. This is a crucial first step to get a handle on the situation before it becomes more of a problem. Typically, Blaine will ask his clients questions about the nature of the exploit such as, “What’s happening? What’s been done so far? What’s being done to make sure no evidence is being destroyed?” If the wrong action is taken prematurely, it can exacerbate the situation and trigger a “parade of horribles,” in Blaine’s words.
After the “breach coach” has a handle on the situation, they’ll likely advise the customer to notify the insurance company claims department. Next, they’ll help select vendors for forensics, ID theft protection, and press relations. Finally, during clean-up and remediation, the “breach coach” will determine who, if anybody, needs to be notified of the incident – be it record holders or regulators.
The ultimate goal of the “breach coach” is to help minimize the potential for 3rd party risk. With the right team and protection in place, you can help your customer stop a bad situation from becoming a devastating one.
“We recently identified a bug that stored passwords unmasked,” said the Twitter Team in a recent email to over 330 million users. Essentially, if you had a Twitter account, someone could have discovered your password without encryption, black dots or hashtags hiding it. Though they found no evidence that the passwords had been compromised, the social media giant recommended that you change your password immediately.
How many times a month do you get an email or notification to update your password? Sometimes, these are proactive prompts to keep your passwords fresh and new, but as our world becomes more digitized, these are often signs of a data breach.
Please run—don’t walk—to update your passwords.
The Twitter Team also highlighted another common issue when it comes to our relationship with passwords—we often use the same one across multiple devices, accounts, and services. Yes, using the same password for multiple logins makes it easier to remember, but it can put your private data in danger. After a breach, your password will probably be linked to your personal email address or another login credential, making it an easy connection for a hacker to infiltrate other accounts you are using. This is why a unique password goes a long way toward your personal and/or commercial data security.
What can you do?
1) Use a password manager.
There are lots of fantastic and reasonably priced password managers that will help you create and store unique passwords. Get the same manager on all of your devices (browser, phone, tablet, etc) and it will store them in one secure location—ready at the click of a button.
2) Change your password regularly.
When prompted by a service provider to update or change a password, do it immediately. Whether it is routine, a company policy or something serious, there is no reason to leave yourself vulnerable.
3) Follow these password creation rules.
Store them in a locked, protected or encrypted file. Leaving passwords on a notepad, in your email, on a Word document, or on your desktop is not secure enough.
Use completely unique passwords for every place you log in. Password, Password1, and Password2 are not unique, and can be exploited by even the average hacker. And if ‘password’ is in your password, please open up your browser and change it right now.
Pay special attention to banking, credit card, and any systems holding important customer, employee or personal data. When there is potential money involved, hackers will go the extra mile to infiltrate these systems.
Don’t help hackers steal your data—utilize these valuable steps and help protect yourself during the next breach.
ARE YOU A BUSINESS OWNER? FIND OUT IF YOUR COMPANY NEEDS CYBER INSURANCE WITH THIS SIMPLE QUIZ.
As the world becomes more connected and data harvesting prevails, many business owners are faced with the question – how important is cyber liability insurance?
If you feel a little overwhelmed when considering your options, rest assured that you’re not alone. Understanding the risks of a cyber breach and how it applies specifically to your business can be tricky if you don’t know where to start. That’s why we’ve narrowed it down to the essentials, below.
GDPR stands for the EU General Data Protection Regulation, which was put in place to harmonize data privacy laws across Europe – essentially reshaping the way organizations across the region approach data privacy and security by protecting and empowering all citizens. It can be viewed as a stronger approach to regulation after their first attempt, the Data Protection Directive, failed to urgently enforce data security.
It’s no surprise, the 2018 tax season is here, and with it – a heightened concern for the security of employee data. Let’s take a moment to analyze the current trends, what you can do to take matters into your own hands, and how you can protect your employees’ information from being jeopardized in a cyber breach.
In the wake of outlets like WSJ and Experian raising concern about cyber breaches, everyone knows how stressful spending can be – especially during the holidays when the risks of cyber threats are known to be at least 20% higher.
Empower your customers to spend all year long with these simple tips:
Despite the rising level of data breaches around the world, many businesses are still not fully prepared to deal with the case of a cyber-attack. Now more than ever, it’s important to understand what cyber insurance really is, who it helps the most, and what kind of comprehensive plan is best aligned with your company’s individual risk profile.
One of the challenges facing cyber security today is the feeling that a cyber breach is something that can not be avoided, something that is essentially out of your control. A common misconception is that – unless you’re a large company with a ton of resources you can devote to cyber security, intrusion detection, malware scanning, and all the other fancy bells and whistles – there’s little to nothing you can do to prevent your business from becoming a target.