Companies take some security measures to reduce losses and damage to reputation during data leaks.

Studies have shown that data leaks are growing in number and speed, and the losses they cause companies are rising too. According to a cyber security survey report issued by Cybersecurity Ventures, cyber attacks are expected to cause 6 trillion US dollars in losses worldwide in 2021. More shocking, the losses caused by global online crime will continue to grow, and are expected to increase 15% annually over the next five years to reach 10.5 trillion US dollars.

These costs will be borne by tens of thousands of victims around the world, but individual companies that have been attacked by hackers face multiple and huge losses. A research report by the consulting firm Infosys on the long-term effects of data leaks shows that 65% of users lose trust in an enterprise that has suffered a data leak, and 85% of them say they don't want to deal with these companies again.

According to ISACA in 2021, only 32% of companies have made full preparations for online attacks. However, this preparation pays off. Industry experts point out that CEOs who take more stringent measures before a cyber attack not only defend against and respond to attacks better, but also minimize the associated costs.

The following are 10 measures chief information security officers can take to help reduce the losses from a data leak:

1. Understand the complexity of the operating environment and know what makes the company profit

Andreas Wuchner, a senior chief information security officer, pointed out that the complexity of IT systems lets companies greatly expand how and where they do business, but it also makes defending against cyber attacks and recovering after an attack harder, so companies need to prepare in advance. Wuchner is now a senior security executive at a global financial institution and a co-founder of the consulting firm Cybovate.

Wuchner said: “The more you understand the operational environment and what creates more income for your business, the more you can restore operations and minimize the business impact, and your business can stop in time.”

The recent cyber attack on the American Colonial oil pipeline caused it to shut down. Although early speculation focused on damage to the company's operational technology (OT) systems, according to a CNN report, “the company stopped operations because its billing system was attacked … they were worried about finding out how much to charge customers for fuel.”

2. Understand partners

A company's security team needs help from professionals in many different fields to handle cyber attacks and data leaks. The CEO should know whom they will need to work with before a cyber attack happens, so that everyone is ready when it does. Wuchner said this ensures that the company responds quickly, reducing reputational loss and related costs. It also ensures that outside experts charge in accordance with a contract rather than at emergency rates.

It also helps ensure that all key skills are covered in the response. Alex Holden, chief information security officer of Hold Security and a member of the ISACA Emerging Trend Working Group, said that some ransomware victims agreed to pay the ransom as demanded by the attackers because they had no partners lined up to negotiate with the attackers, a mistake that increased the cost of the data leak by millions of dollars.

3. What do you do?

Similarly, the chief information security officer should understand the limits of their own skills and authority, and document who is responsible for each step or action during a data leak.

Siobhan MacDermott, global management partner for risk and network strategy at Tata Consultancy Services, said, “Everyone must have a clear role; now is not the time to debate who is mainly responsible.”

4. Practice the response to breach events

Companies need to rehearse their response to cyber attacks, which reduces fear and panic when an attack actually happens. Holden said, “We have every reason to practice, but there is not enough practice in terms of network security, and when we practice, it is not good.”

Enterprises that practice regularly build the muscle memory needed to handle real incidents quickly and respond strategically, avoiding the delays and mistakes that lead to greater business losses, more reputational damage and higher costs.

5. Hire security experts with experience in handling data leaks

After a data leak, some security professionals believe that the careers of the IT security staff at the hacked company may be over. This is not the case; these staff have valuable experience in handling data leaks.

The CEO should consider hiring such professionals to help the company prepare better.

6. Review and prepare for regulatory requirements

Countries and regions have implemented regulations on how companies should handle data leaks, including how quickly they must notify users that their information was affected and which actions they must take on behalf of those users.

For example, the General Data Protection Regulation (GDPR) issued by the EU requires timely reporting of data leaks, and companies that violate it may be fined 4% of their annual income.

MacDermott said that chief information security officers should work with other executives, including legal, to understand which laws apply to them and in which cases, and then prepare template language that can be used in many situations.

She explained, “We regard each data leak as a separate event, in which 80% of the language can be reused and only 20% requires modification for the specific event.”

7. Focus on the security of the supply chain

Tom Kellermann, who works on network security strategy at VMware and is a global researcher on network policy at the Wilson Center, said that hackers are increasingly using companies they have compromised to attack other victims, so companies should be ready for this situation. The SolarWinds supply chain attack is one recent example.

Kellermann said that many users have begun to sue companies that were used as a base of operations by hackers. He predicts that this year such incidents will show up in shareholder litigation and regulatory penalties.

To avoid costly legal proceedings, chief information security officers need to ensure that their company does not fall into this predicament and, if it does, that they can take action as soon as possible. In addition, chief information security officers need to pay more attention to attackers using the company as a launch point against other companies, even if those companies are not suppliers or partners.

8. Strengthen detection capabilities and operate in stealth mode

One of the most effective ways to limit high losses is to detect the behavior of attackers. Kellermann said that chief information security officers can do this by investing in integrated network and endpoint detection, real-time telemetry and analytics, threat detection and other leading security practices.

Detecting attacker behavior helps shut down cyber attacks. That is of course important, but it is becoming more and more important not to let attackers know that they have been identified.

He said, “We need to be more hidden in how we do event response and threat tracking.”

9. Cultivate a more political mindset

Chief information security officers who want to respond rapidly to data leaks should also strengthen their understanding of geopolitics. As experts point out, many attackers have received support and act in line with their ideas, not only exploiting technical weaknesses within the enterprise, but companies do not always recognize that they will be affected by international tensions.

MacDermott said: “When we talk about defending the network, it is important to understand the geopolitical landscape. You need to understand what is happening in the world, and understand the political position of some countries. This is usually a question for the chief venture official, but the CEO must also consider this. If you know that the company will become a chess piece in a geopolitical chess game, you may be able to respond faster, and have partners prepare for this.”

10. Get executives prepared as early as possible to reduce data leak losses

SANS CEO Rob T. Lee said that chief information security officers should be prepared in advance, before suffering a cyber attack. He asked, “So how will it limit online attacks and damage, so that it does not become the operation of the company?” He added that after detecting a breach, a company has no time for accusations and guesswork, and must respond and handle it quickly.