The growing importance of security breach incident management

Posted by Mike Vizard on Jun 14, 2016 12:00:57 PM

Security_breach.jpgHow an IT organization handles a breach is now arguably more important to the business affected than all the time and effort they put into preventing one from happening.

In this day and age, some kind of breach is now almost inevitable. In fact, a new survey of 2,400 end users in the U.S., United Kingdom, and Germany conducted by Centrify, a provider of identity access management software, finds that roughly three quarters of them have come to expect that a business is going to be hacked. Despite having that expectation, however, well over half say it is somewhat likely or very likely that they will stop doing business with an organization that’s been hacked.

While that may sound dire, on a practical level most people are going to get tired of switching their business somewhere else every time a business gets hacked. In fact, the survey finds that while the majority were only somewhat satisfied with the way hacks were handled by businesses, less than half said they were actually very satisfied.

MSP's Complete Guide to Cyber Security

Naturally, it’s hard to make somebody happy when their personal information has been compromised. But in terms of overall security incident response, the survey makes it clear there is plenty of room for improvement. For example, most of the respondents said they either found out about a breach from a media outlet or a friend or a relative rather than from the organization itself. The reason for this is that even though hacks are now a regular occurrence most organizations still don’t have a set of standard protocols in place for how to respond to a security breach. For IT service providers, that creates a major consulting opportunity.

From informing regulatory bodies to proactively reaching out to customers to assure them everything possible is being done to protect their data, there is a series of best practices for managing the aftermath of a security breach. Most organizations today have no idea what they are. The end result is usually a confused response to the breach that often does more to harm the reputation of the organization than the actual breach itself.

Protecting reputations

Reputation, of course, is the primary issue. While the data stolen has a monetary value, it’s the value of the organization’s brand that suffers most. The success of institutions such as banks and medical facilities are wholly dependent on the trust they engender with their customers. Without a consistent breach response plan in place that everyone in the organization knows by rote, the damage a breach can cause to an organization’s brand goes beyond measuring. It’s not the media reports that do the most damage, but rather the word-of-mouth message that continues to spread over time. The poorer the response, the longer that word-of-mouth damage to the brand persists.

The simple fact of the matter is that security is no longer just an IT issue. It’s a threat to the entire business. That means IT service providers need to be able to elevate the conversation. Organizations want an IT service provider to help them prevent breaches from happening in the first place, but the savvier ones also want help establishing the processes required to respond to that almost inevitable breach as quickly as possible. For most IT services providers, providing that expertise is likely to prove to be more profitable than all the managed security services they provide combined.

MSP's Complete Guide to Cyber Security

Photo Credit: Jeff Keyzer via Flickr.com. Used under CC 2.0 License

Topics: Cyber Security

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment