Blog Post
Recovering From a Data Breach
Discussions of data breaches normally focus on how to prevent them — and only on how to prevent them, not how to recover from them. If there is any discussion of the aftermath, it’s framed as a disaster that should be avoided at all costs, and data breach recovery goes unaddressed.
… But what do you do if you are the victim of a data breach?
What’s important to recognize is that there is a path forward. The road ahead is undoubtedly difficult, but not impossible, to navigate. There are no quick fixes that will save your company’s reputation, but if you take real steps to keep your company and community safe, you’ll be in the best possible position to recover.
The Challenges of Data Breach Recovery
Data breaches are costly. The most well-known consequence is the financial impact. The average cost of a breach globally exceeds $4 million. This is to say nothing of the many global and state regulations that a breach violates. In fact, according to one estimate, American state privacy laws could collectively fine out-of-state companies $1 trillion over the next decade.
Even setting aside financial challenges, the reputational damage of a breach can haunt companies indefinitely. Between financial and reputational challenges, the impact of a data breach is often too much for companies to bear. One report found that 60% of small businesses that experienced a breach ultimately shut down.
Minimizing the Impact of a Breach
If you experience a data breach, recognize that you can only respond to what you know. The first step of data breach recovery must be to figure out what data has been compromised so you can formulate a response. A post-breach data discovery scan will help identify what’s been affected. Frequent discovery scanning should ideally take place as a standard business process, so you can safeguard your data, but it’s never too late to catalog your data — even after a breach.
Data discovery tools are critical in this initial response, for two reasons. They play an essential role in helping you to establish the full scale of a breach, replacing assumptions about what data you have stored with a comprehensive inventory. They can also help you determine which affected data falls under which data handling jurisdictions, to ensure you remain compliant when notifying authorities and customers of the breach.
Knowing what data you have is also essential for performing a post-mortem on the breach. Tracing the flow of data will allow you to figure out what happened, identify what data is most vulnerable to future intrusions and help you understand how you can prevent a similar breach from recurring.
Recovery Starts with Data Discovery
The process of recovering from a data breach and restoring your reputation begins with clear communications both within and outside the company, honestly explaining the lapses in security that took place, expressing sincere regret and providing actionable steps to improve rigor at scale. Employees will need clear and extensive training to improve vigilance and ensure that they are better equipped to prevent similar issues in the future. It may also be worth obtaining certifications that speak to the security of your data handling (such as ISO/IEC 27001) and publicly announcing partnerships with data security vendors.
You will also need to continue performing data discovery over time. As you do, it will be essential that you choose a data discovery tool that is thorough and generates a comprehensive inventory of your data. Enterprise Recon by Ground Labs leverages proprietary, award-winning GLASS Technology™ to identify data specific to the many regulations that organizations must comply with, across on-premises databases, servers and email systems, and in the cloud. It’s a critical component of data breach recovery.
Arrange a workshop with Ground Labs to enhance your response and become more resilient after a breach, or to prevent data from being taken in the first place.
