Nearly every week we learn of another major data breach involving the personal information of hundreds of thousands—or even millions—of people.
Then this: Yahoo! announced 500 million user accounts were hacked. You would think one of the pioneers of the Internet age would have impenetrable data security. It didn’t. In fact, the company now appears to have been hacked on multiple occasions.
This was, by far, the largest data breach in history. But that is a distinction that isn’t likely to last for long. Cybercriminals are becoming increasingly ambitious and sophisticated. Many work at the behest of foreign governments and they are going after such targets as the U.S. Military, the Democratic National Committee, and even, purportedly, the next Presidential election.
But, like ISIS and Al Queda, the online terrorists are also now also going after the smaller, soft targets. In fact, Fox Business reported earlier this year that 43 percent of cyber-attacks worldwide target businesses with fewer than 250 employees. Retailers, medical offices, law firms—anyone with personal, financial or medical information.
No business is safe. And as new devices are connected to the Internet of Things—refrigerators, cars, thermostats, video camera—the number of points of entry for criminals is growing exponentially.
In other words, this may just be the beginning.
For this reason, many organizations are putting plans in place for when the inevitable happens. They are developing detailed plans on how to mitigate damage after a breach occurs without tipping off the hackers. They are lining up call centers and customer service resources, so they will be able to respond to consumer questions right away. They are building out their notification plans, so the authorities and affected individuals will be informed as the law requires. And they are developing communications plans to ensure internal and external audiences and the media are provided the right information at the right time by the appropriate people.
Since it now is impossible to prevent an attack, preparing for one may be the next best thing. As we at LEVICK have seen working with organizations in crisis over the past 2 decades, when an incident occurs, even the most experienced professionals make missteps when having to make snap judgments. A clear and actionable plan can be priceless at times like these.
