In a recent post we discussed how to be a “human firewall” to protect your company’s information. In this month’s issue, we’ll be talking about how a human firewall responds to a security incident.
Why do you need an Incident Response Plan?
Preparation: Being prepared when something unexpected happens can help you recover with efficiency as well as mitigate the stress a security breach can cause. A plan will help every employee, at every level, know exactly what to do if they encounter a security breach.
Detection: Employees will know how to spot a security breach or even be able to stop it before it happens. A plan in place will allow for analysis of the issue, which may provide a quicker resolution to the issue.
Containment: A plan will allow the incident to be contained so the threat can be removed.
Recovery: Once the threat is contained, affected assets such as important company and/or client information can be restored.
Analysis: How did the breach happen? Determining how the threat go in will help prevent a similar incident in the future.
What are the steps to making sure a security breach doesn’t go unnoticed?
Stay Alert: Complacency is a big reason why security breaches happen. It’s human nature to become so familiar with something you stop paying attention to every detail. When you receive requests to send money, go to an unfamiliar website, or purchase something, treat it like it’s the first time you’ve done it. Verify the details: who’s making the request, who needs to approve it, is the standard procedure being followed, does anything seem out of the ordinary.
Don’t Assume Anything is Too Small: Did you receive an email from a spoofed account (a familiar name attached to an unfamiliar email address)? Maybe you found a stray USB drive in the break room or on the ground in the parking lot. Report these incidents, you never know if it could be an attempt to breach your company’s network.
Report an Incident Immediately: Time is of the essence when there is a security breach. The sooner it is reported, the sooner it can be contained and resolved.
Know Who to Report an Incident To: This information should be provided by the company. New employees should be provided the Incident Report Plan so they will know exactly who to contact if they encounter a breach. Employees who have the correct information and know exactly what to do will be more confident in reporting an incident right away. Employees who do not have this information may be fearful they will be blamed for the incident and therefore be afraid to report it until it’s too late.
Follow Company Policy: Preventing incidents should be a top priority for any company. Company’s should have a cyber security policy in place so employees can be familiar with steps to take to prevent security breaches as well as how to report them.
Review: Preventing Security Incidents:
Use Unique Strong Passwords or Passcodes: We can’t stress this enough. Creating a strong password or passcode is a first line of defense against cyber-attacks. Always use a different password for each application or website you sign into.
Be Careful When Clicking: Be sure to know the URL of any you link you click on from email messages and social media. Clicking malicious links is one of the main culprits in data breaches. We get so used to clicking links that it’s easy to forget to make sure they are legitimate. Try to only visit websites you’re familiar with and manually type (or bookmark) the URL so you don’t have to click the link.
Be Cautious About Personal Information Shared Online: Think about security questions and how easy some of them could be to figure out based on the information you share online. High school mascot – easily found out if you’ve listed your high school on your Facebook page. Mother’s maiden name – another easy one for hackers to figure out. Did you post a #TBT photo of your first car on your Instagram account? That’s another common security question.
Respect Your Access Level: Don’t share your credentials or keycard with someone else and don’t ask anyone else for theirs.