Crisis control: how to recover from a data breach
8 December 2016
A sophisticated data breach can cost your business its reputation, profits and lifespan. And with cybercrime becoming more frequent and sophisticated, it’s more a case of when - not if - a business will be attacked. So it falls on the company’s recovery tactics to ensure it regains customer trust and becomes more cyber resilient as a result.
TalkTalk: the success story of recovery
No one knows the importance of recovery better than Dido Harding, CEO of UK network TalkTalk, who was blackmailed publicly by a highly sophisticated cybercriminal gang.
“It is the nightmare that every business fears. I was on a conference call with my senior team to understand why our systems had been running slowly and we’d brought our websites down during this DDoS attack. The CTO said to me, ‘I think they might have got in.’ Then I personally received the blackmail attempt in my inbox.”
157,000 TalkTalk customers had their personal data raided - 4% of their database. The data included personal details (to be used in spam) and bank and credit card details. As a direct result of the breach, the company lost 95,000 customers, and the incident cost it £60 million.
Harding’s approach was total transparency with their customers, reporting the incident immediately to warn all 4 million that their bank details might have been stolen. She also offered every customer an unconditional free upgrade, an offer taken up by almost 500,000 customers. This transparency and customer-centric approach paid off. Today, Harding believes TalkTalk is more trusted than ever before.
“[Our customers] trust us more than they did last year because we tried and were transparent. If you try to do what is right - things will work out and it has changed my business for the good.”
How to recover and be stronger than before
TalkTalk’s success story points to clear principles to apply in the event of an attack, whatever the size of your business.
Be honest with your customers
If you think there is a remote chance your data has been compromised, you need to let your customers know. Tell them what you suspect, how their details might have been affected and what the risks to them are.
Tell your customers immediately
Customers need to stay alert to any unusual behaviour on their accounts, in their emails or over the phone. Besides, it’s their data and they have a right to know where it is - a right that will soon be ratified under the EU GDPR, which comes into effect next year.
Alert the media
If you alert the media to the incident, you mitigate the blackmail and can ensure any information going public is correct and isn’t designed to cause hysteria.
The plan for attack
While planning for an attack might not prevent an incident, it will help to ensure business continuity and faster recovery. Any downtime will add significantly to your costs.
Can you ever prevent a cyber attack?
Companies that operate online can never be fully protected against cyber attacks. Hackers are here to stay, and the tools they’re using to break into databases are more advanced than ever. Rather, according to Harding, companies should ask whether they’re ‘safe enough’. It comes down to a simple case of board accountability: companies must admit that no data can ever be fully protected, but the risks can be reduced.
Reduce the risks of a cyber attack
Check every endpoint
Every endpoint on your network needs to be audited and tracked. Your IT security team - or the experts you outsource to - can do this using the CIS Critical Security Controls to ensure you’re adequately protected.
Secure your weakest link
It’s easy to forget devices on your network that you wouldn’t normally associate with handling sensitive data, such as your printers. But left unprotected, they could be your company’s weakest link.
Get expert cyber security services
To adhere to new regulations, protect personal information and avoid costly fines (up to 4% of global annual turnover), it’s worth outsourcing your cyber security to experts who can assess your IT infrastructure and practices.
For Harding, the TalkTalk crisis taught her three important lessons.
- No one is taking cyber security seriously enough.
- If you do what is right for your customers you will do OK.
- No one can ever do enough to protect themselves.
Regardless of your business size, sector or success, you need cybersecurity measures if you operate with customer data. Barricade the doors to a data breach and your business will be protected as well as it can be.