“A data breach itself is the second worst possible event that can occur in an organization; the mismanagement of the communication about the response is the worst.” This observation comes from Exabeam chief security strategist Steve Moore, who has tracked criminal and nation-state adversaries and led the largest healthcare breach response in history. Moore added that the time spent on a breach, including audit, regulatory, and litigation support, can last not months but years.
I previously covered 5 ways you can prepare for a breach, which can help reduce risks. If a breach still occurs despite those precautions, however, here are eight things you should do within 48 hours to manage and contain the situation as best as you can. Regardless of the type of breach, these steps should apply—whether it involves a single device, a series of
systems, or a company-wide intrusion. MORE