Recently, independent data journalist and information designer David McCandless unveiled a new interactive resources on his blog site that illustrates the prevalence and impact of data breaches.
The page, called “World’s Biggest Data Breaches,” displays bubbles of different sizes and colors in a range of positions signaling the type of breach event, the organization involved and the number of records that were compromised. Users can select different filters via a side menu to separate the events depending upon the industry and how information was leaked.
The visual paints a frightening picture of the current data breach environment, showing some of the worst compromises in recent history. For example, McCandless included events involving Target, Adobe, Evernote, Living Social and the mass hack of several American businesses in 2012 where approximately 160 million records were affected.
McCandless’s resource shows the need not only for improved prevention practices, but it also leaves many, especially in the business sector, wondering what they would do if their organization was the victim of a breach.
How to handle a data breach
One of the first steps to take once a breach is discovered is to put together a response team that will handle the suspected or confirmed infiltration. The group should include a program manager, the company’s chief information officer, a privacy officer, general counsel, as well as representatives from the organization’s communications, legislative affairs and management offices.
Experts also advised taking an in-depth look at all the data being utilized or stored by the business to get a better picture of what may have been affected. Once the breach has been confirmed and the exact information compromised has been discovered, administrators should determine what governing body they will notify, as it usually best to report the instance as soon as possible.
Another important step to take following a breach is to verify the cause of the event, or what vulnerability was leveraged for exploitation. In this way, the organization can take steps to prevent the same occurrence from happening again. For example, if a malicious application was the cause, decision makers may want to utilize an application whitelisting software to grant access to approved programs only.
Similarly, if an infected server or workstation was the issue, managers should consider a reboot to restore solution like Deep Freeze. Such technology enables the user to restart the system to return it to pre-infection settings, thereby mitigating the damage of an attack. Furthermore, computer monitoring systems are also effective in alerting employees of suspicious activity that could signal a breach.