Site icon IT World Canada

SIDEBAR: How to clean up after a breach

The steps below come from a senior executive at a Fortune 100 financial institution, who prefers to remain anonymous. CIO.com asked him what he would do if he were asked to clean up after a LinkedIn-scale breach.

Keep in mind that the financial industry has many more regulations in place than most sectors, but his advice applies broadly

.

–Realize that it’s important to understand the breach in detail. The goal is to figure out exactly why it happened and how to prevent it, not to assign blame.
–Interview all stakeholders (network, security, system and business) to understand the root causes better.
–Fix the problem, obviously, but move beyond tactical decisions to form a strategic security plan for the future.
–Communicate the situation clearly to end users. Then, develop a plan for ongoing training.
–Embrace stronger credential storage and encryption practices, including migration to SHA-512 with salting.
–Migrate to multi-factor authentication for B2B applications and internal users.
–For consumer-facing applications and guests or partners, consider offering enhanced account protections, such as notifying consumers if their account has been accessed from an unusual IP address or an unknown device.
–Review and build better network zoning, including upgraded firewalls, IPSs, routers, etc.
–Enhance the software development lifecycle. This includes practices like periodic internal and external audits and security reviews, as well as ongoing monitoring and detection of unusual patterns.
–Share your experiences and help standards bodies develop standards for authentication, identity enforcement, digital signatures and so on.

 
(From CIO.com)
Exit mobile version