Breach Management articles

In 2023, layoffs, hiring freezes, and tightening budgets are top-of-mind for many employers. 2022 was a difficult year for the world economy; and, in 2023, the aftershocks keep coming. It might feel like there’s news of another company laying off a significant part of its workforce every week, and that feeling isn’t too far off from what’s projected. Over 60% of business leaders surveyed by ResumeBuilder say they are likely to have layoffs in 2023, with 57% of these respondents […]

As a small business, you probably think you’re small potatoes to hackers. Unfortunately, the opposite can often be true. Smaller businesses that are part of supply chains are frequently chosen by hackers because they are an easy target as a valuable foot in the door to a substantially larger company. In fact, in 2022, businesses reported that about 1 in 5 data breaches came from a supplier. You want to be seen as an asset to the companies you serve, […]

In our previous two articles in this series, we talked about what an Incident Response (IR) plan is and how to get your team familiar with its steps and the process using tabletop exercises. In this article, we’re going to go into detail on what happens during IR and the nitty-gritty of what makes an IR plan work. An IR plan and robust IR strategy are both vital to ensure that a company recovers properly from an incident. Even companies […]

The thought of the Rams going onto the field with the 49ers without first spending months practicing would be unheard of. And the same is true of responding to cyberattacks in a company. Firefighters do fire drills. Actors do dress rehearsals. And IT and security teams do tabletop exercises. Tabletop exercises are a low-stress rehearsal of what might arise during an emergency situation. In this case, a cyberattack. Participants sit and discuss a scenario and their potential responses to it. […]

A swift and adequate response to an active cybersecurity threat can mean the difference between your company surviving the incident or going under. Small to mid-sized enterprises (SMEs) are especially at risk because they are looked upon as low-hanging fruit by hackers and they tend to have fewer defense and response mechanisms in place than larger corporations, especially because of budget constraints. According to IBM’s Cost of a Data Breach Report for 2021, the average cost of a breach was […]

In September 2022, an 18-year-old hacker leveraged sophisticated social engineering techniques to smash into Uber’s network. Once inside, the hacker rummaged through a file share and found privileged credentials that gave access to enormous swathes of Uber’s source code and corporate cloud platforms. Luckily, no trip data was taken, according to Uber. But trusting luck is a terrible strategy for cybersecurity. How did the Uber hack happen? According to an official statement by Uber, the breach was carried out when […]

Software vulnerabilities are a fact of life with more identified every day. In 2021, 28,695 new vulnerabilities were discovered in production software. These vulnerabilities can potentially create a backdoor to companies, letting attackers come in and out as they please. However, some vulnerabilities are significantly more dangerous than others with widespread impact. Many of these high-impact vulnerabilities — such as Log4j and Follina — are zero-days, where vulnerabilities are exploited by cyber threat actors in the wild before they become […]

Risk management is a core part of any organization’s business processes. Without the ability to manage risk, an unforeseen event could put the company out of business. Effective and comprehensive risk management requires an understanding of what can go wrong, how to minimize the probability of a risk event occurring, and how to recover if something does go wrong. In many ways, managing risk for the business is similar to owning a car. Car ownership comes with significant risks and […]

7 costs of a data breach and how to minimize them It’s no secret that data breaches are occurring more frequently and they’re expensive. Just turn on the news and you’re sure to hear a story about the millions a major company lost thanks to a leak. Unfortunately, in too many cases, businesses experience a costly breach that could have been prevented. Something as simple as a misconfigured or insecure firewall or lack of two-factor authentication can cost a company […]

Given sufficient time, resources, and motivation, a cyber threat group can breach any organization. While prevention is important, companies should treat data breaches as inevitable and ensure that they are prepared to handle them and minimize their impact. According to the 2021 Cost of a Data Breach Report developed by Ponemon and IBM, the average cost of a data breach is $4.24 million. However, having an incident response (IR) plan in place is one of the best ways to drive […]