Lessons Learned From a Major Security Breach

Lessons Learned From a Major Security Breach

Lessons Learned From a Major Security BreachLessons Learned From a Major Security Breach

The high-profile breach of a major financial firm is a harsh reminder for all businesses to re-evaluate cyber-security protocols and cyber-risk strategies.

Install Proper Network SecurityInstall Proper Network Security

Hackers are thought to have gained access to J.P. Morgan employee login information and used their credentials to capture customers’ email addresses, home addresses and telephone numbers. Suggestion: Install double authentication systems.

Any Information Can Be Valuable in the Wrong HandsAny Information Can Be Valuable in the Wrong Hands

J.P. Morgan’s case proves that information with limited monetary worth can still be valuable in the wrong hands. Prioritize what electronic data is critical to your day-to-day operations and what therefore requires the most stringent controls.

Don't Wait for Telltale SignsDon’t Wait for Telltale Signs

Take a proactive approach to addressing potential points of entry. Cyber-criminals are becoming more adept at slipping into data networks undetected, so don’t assume your data is secure or uncompromised.

Information and CommunicationsInformation and Communications

A breach rarely occurs because of a single incident, so you must be able to collect and analyze meaningful information about your cyber-security. A system that aggregates data from different sources can identify patterns that indicate whether you are facing a breach.

Monitor Cyber-Risk ActivitiesMonitor Cyber-Risk Activities

As risk environments evolve, so too should your cyber-risk strategy. Regularly monitor your strategy’s effectiveness and those of third parties that administer your IT security. Present findings to key stakeholders for consideration.

Train Employees and Security PrinciplesTrain Employees and Security Principles

Employees can either be an asset or a liability when it comes to cyber-security. Conduct social engineering or facility breach exercises to evaluate how susceptible your employees are to phishing schemes or other cyber-attacks

Understand the Value of What's at RiskUnderstand the Value of What’s at Risk

Know what assets are most valuable to your business and to others. Know where they are supposed to reside, where they actually do reside, who touches them and how access is managed.

Be Proactive in Protecting Your BusinessBe Proactive in Protecting Your Business

At minimum, accept that your security will be compromised. Be prepared to respond and get the basics right. Diligence can save you the embarrassment and financial impact of a major breach, so take proactive steps in anticipation of attacks

Be Prepared to RespondBe Prepared to Respond

Organizations that have developed incident response capabilities tend to recover faster and with less damage to their business and reputation than those that wait until an incident occurs to develop their cyber-security strategy.

The Best Defense Is a Good OffenseThe Best Defense Is a Good Offense

Having a proactive, robust plan helps minimize potential damage from a breach and can get an organization back on track faster in the wake of a disruptive event. If your resources are limited, hire a third party to supplement your information security capabilities. Don’t go it alone.

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles