A Data Breach Post Mortem: The Dos and Don’ts

By Rick Ferguson, Country Manager, ANZ at Absolute

Over the course of 2015, many major companies suffered highly public data breaches, not just internationally, but locally as well. For example, Australian retailers Kmart and David Jones both had customer details stolen by hackers late last year. Aussie Farmers Direct also fell victim to an attack in which the personal details of more than 5,000 customers were posted online. Even governments have not been spared, with the breach of Queensland TAFE data in October. Most recently, online classifieds website Gumtree had its users’ contact details compromised.

What all these cases demonstrate is how a single incident can put an entire organisation at the centre of an unwanted media storm.

Setting aside the potential legal ramifications that could soon become reality with the introduction of the proposed amendment to the government’s data breach notification bill, the diminished customer trust and the financial costs associated with a data breach can be equally concerning. Whatever the business, customers want to know that their personal information is in safe hands, and they will think twice before entrusting it to companies that don’t have a positive track record in this field.

So, how should organisations proceed after experiencing a data breach?

The knee-jerk reaction: Draconian data policies

While data breaches themselves should be a board-level concern, it’s becoming increasingly important for businesses to look at the broader impact that they can have. When a company or a competitor suffers a breach, often the first priority is to review how the overall business handles its data. However, the danger here is that a knee-jerk reaction can result in draconian policies being implemented, severely curtailing employees’ use of data. In this scenario, the entire workforce can lose data flexibility, and this can impact productivity if the company decides, for example, to limit access to critical information through mobile devices, or to restrict employees from working anywhere other than directly in the office. In addition, a hasty reaction to a data breach could potentially have a negative impact on employee morale. This kind of atmosphere, where no-one knows what they can or can’t do with company data, can result in further mistakes being made.

The data-led approach

Changing employee behaviour regarding data use will only occur through following a data-led approach to business, not just at management level but throughout the entire company. This ranges from praising teams that have shown good data-centric initiatives to equipping employees with the tools they need to embrace flexible and mobile working strategies. There is a lot executives can do to dispel the common fears surrounding data; however, that doesn’t mean the risks should be ignored – they just need to be managed properly.

There are three key ways that data risk can be addressed:

  1. Policy: which sets out how data and devices can be used and allows employees to clearly understand when they’ve breached the policy.
  2. Training and education: to address one of the common causes of a breach – the human element. This training has to be engaging, relevant and tailored to employees’ roles for it to be truly effective.
  3. The technology: that a company uses to protect the business if and when a data breach occurs. The key is being able to prove that all compliance processes have been adhered to and to securely track and disable any device involved in the breach.

Ultimately, a business’s attitude to data needs to be set from the top. A company culture that is scared of data and isn’t prepared to embrace a modern way of working will always lag behind its more forward-thinking competitors. This information, in all of its forms, is one of the most powerful assets an organisation has. An intelligent, flexible and secure approach to information management will ensure businesses can make the most of their data, and guard against potential risks.
