Posted on July 4, 2019 by staff

How should your company plan for a data breach?


A cyber security expert set to speak at the Unlocked Manchester conference has urged businesses to prepare for crisis scenarios.

More than 40 per cent of UK businesses suffered a breach or attack in the past 12 months, with the volume of cyberattacks growing by more than a quarter to 1,500-plus attacks a day on average.

Holly Grace Williams is technical director at Secarma and a regular speaker on new threats to security at conferences and expos.

She told BusinessCloud that Unlocked Manchester, set to be held at the UKFast Campus on Wednesday 17th July, will include workshops on real-life scenarios which will help companies consider all aspects of a breach.

“I think that a lot of people will realise that in dealing with breaches, it’s not the things that you expect to go wrong that are the problem – it’s the things you haven’t thought about,” she said.

“One of the companies I worked with a while ago who had suffered a data breach decided that they would send a letter to every affected customer.

“That was their biggest complication: how would they physically deliver the letters? They operated in multiple countries and had four languages.

“How do you write a letter in four languages that’s been through a lawyer so it’s technically and legally accurate and then dispatch the letter to all of those people?”

In September last year the UK’s Information Commissioner’s Office fined Equifax £500,000 for failing to protect the personal information of up to 15 million UK citizens during a cyber-attack which took place in the United States in 2017 and affected 146 million customers globally.

“When you consider announcements such as ‘we have 100,000 or 200,000 affected customers’, even that’s a lot of letters! If you try and simplify that by sending emails or using a call centre, it doesn’t really make it much easier,” continued Williams.

“With the Equifax breach, they ended up recruiting 1,500 staff for their call centre just to field calls. Onboarding that number of staff at the same time was the difficulty they had. It’s those things that companies haven’t considered.

“Some of it is simply dealing with a lot of actions at the same time: you can’t run it in sequence. If you did that, the response would be very slow.

“Companies very often have legal requirements for disclosing breach data: the go-to example with GDPR is telling the ICO within 72 hours. But that’s the easy part: their next questions of how many records and how did it happen… having those answers is much harder.”

At Unlocked Manchester, which will run from 9am-1pm, Secarma will draw upon such real-life scenarios as it walks attendees through examples of data breaches in a workshop.

“There are different talks going on throughout the day about what organisations should be caring about. We’re asking: how should you be planning for a breach?

“We did an interview with the former CIO of Equifax [who was in post] when they had their big breach and he went through that experience with us. I want to draw that kind of information into this.

“Instead of talking to companies about what could happen, we want to look at real breaches and to guide the companies through that thought process of ‘if that was us, how would we deal with it?’”

She added: “The number of security professionals who have lived through a significant breach is quite small, so a lot of companies are presuming a lot of things.

“How good is their incident response plan? When did they last test it? When did they last update it?

“Dealing with a breach is a time of crisis – and it’s never as easy as you think it’s going to be.”

The conference will cover topics ranging from the rise in cyber-terrorism and mobile malware to the advantages of ethical hacking and the future of artificial intelligence and the Internet of Things.

The keynote speakers are ethical hacker FC – Freaky Clown – and former director of the government’s National Cyber Security Centre John Noble.

FC is currently head of cyber research at Raytheon UK and co-founder of cybersecurity consultancy Cygenta. His client list includes major high-street banks in the UK, FTSE100 companies and government agencies.

The twin Unlocked London event on 24th July at the Shard is sold out.