Debra Geroux and Scott Wrobel on Responding to Data Breaches [Podcast]


Post By: Adam Turteltaub

When a data breach occurs, one step is often overlooked in the rush to remediate:  preserving as much of the data logs and backups as possible  That’s a mistake, say Debra Geroux, Shareholder at Butzel Long and Scott Wrobel, Co-Owner, N1 Discovery, because that data illuminates what happened, how it happened, and what data was taken.

In this podcast they also advise hiring cyber counsel immediately to obtain guidance through the legal and regulatory issues.  They may also be able to help you conduct the subsequent investigation under privilege.  Counsel can also help identify outside resources, deal with law enforcement, and help healthcare organizations determine if the breach is a reportable one.

In addition to outside counsel, Geroux and Wrobel argue strongly for leveraging the organization’s communication team.  Managing messaging is critical.  The communication targets—victims, employees, the board, public, media — have to be identified and given the information they need.  But, be judicious.  Limit your communications to essential information to reduce the opportunity to spin the story.

Most importantly, they advise, make the effort to understand what the root cause of the incident was.  Often, that’s not as evident as it may seem.  Sometimes the first suspected point of breach is not the actual one.

To reduce the risk of future incidents, they recommend adopting two-factor authentication.  Workforce training is also essential since so often employee errors (and vulnerability to sophisticated phishing efforts) are a factor.

Hiring a third-party security company to conduct an internal and external vulnerability assessment can also be helpful.  It should identify every device and piece of software on or connected to your network, their vulnerabilities and how to remediate them.

That assessment should also address any cloud-based solutions your organization is using.  While, generally speaking. those solutions are secure, if your organization leaves the default settings in place, it could leave you exposed to bad actors.

Listen in to learn more about how to protect your organization, including the need to take a second look at your cyber insurance policy.