Your site has been hacked – What Do You Do
When slickwraps got notified that their site had been hacked they didn’t really take it very seriously. They were notified by a so called white hat hacker that their site had been compromised and they had 24 hours to fix it or the hacker would steal their data and make it public. They either did not take it seriously or just couldn’t react in time but the ‘hacker’ did what he said he would do. Unfortunately for slickwraps the data was out there and the damage had been done. It didn’t matter that the crook got caught. The damage to their reputation and their bank account may well turn out to be devastating.
The trend is that hackers are striking more often and with greater success. Ransomware is still at the top of the list for small business breaches with many going unreported and ransom being paid. This is a very dangerous trend as it gives the hackers more confidence in plying their trade.
In order to be successful, your business security model needs to have 3 major parts. Each may have many different branches or sections. Each part is dependent on the others and will fail to function properly without their counterparts. The 3 parts i am talking about are protection, detection and response.
As an example protection would be like a door with a lock. This does real good at preventing entry by the vast majority of the population. There are some though who would pick the lock or just break the door down. This is known as the point of failure. If that is all you have in place to secure your home and family then the system breaks down and everything is as extreme risk of harm or theft.
When you add in detection it enhances your ability to protect what you treasure. In the case of our door it often times acts as a deterrent against break in with a sign posted to let would be criminals know there is another layer of protection and their risk is greater. If they do not heed the warnings and decide to break in anyway, they will be detected and an alarm will sound and the proper authorities will be notified. If you are home this alarm will give you time to respond with your choice of defenses. You can release the guard dog or respond with firepower. There will also likely be additional response from the police who will arrive in a given period of time with an aggressive show of force in an effort to thwart any criminals efforts.
This leaves the response part. If you have guard dogs or a gun you are doing everything in your power to stop the criminal and protect your family. If you leave this part out then what good is detection or even protection. You may as well just leave the door wide open with a sign that welcomes criminals to take advantage of your lack of effort. The same goes for the detection part. without an alarm to let you know something is happening, any response will likely come too late. You won’t know someone broke in until the morning when you wake up and realize you have been a victim of a robbery or when the criminal wakes you up with a gun in your face. Too late.
The same goes for the protection element. If you do not install a door the break in alarm will be of no use as criminals are free to come and go as they please. And as in the last scenario, response will be ineffective as well.
As you can see all three elements are necessary and dependent on each of the others in order to build an effective security plan. So to get started with a cybersecurity plan you need to answer the following questions.
- What are you trying to protect? – the answer here is NOT your server or any technology you use in your daily business operations.
- What are the likely threats? – Insiders, Hackers, Ransomware
- What would be the likelihood of the threats happening? What is the ratio or percentage of it happening in the next week, month, quarter or year?
- What would the business impact be? How valuable is what you are trying to protect? Client information, business reputation, downtime, incident response, legal fees, fines, lawsuits…
When you can answer those questions then answer the next.
- Without asking your IT department how confident are you that an attack would be detected and responded to in a timely manner to avoid a catastrophe?
Lets start a conversation to learn the truth about your current cybersecurity position. Click the button below to connect.Contact Us