The data-sucking cyber zombies have attacked again! This time, the nation’s fourth largest retailer, Home Depot, possibly fell victim to malicious and vengeful acts of sophisticated hackers who exposed customer information that could affect all of the chain’s 2,200 stores.
Following in the wake of the most recent data security breaches involving Target, PF Chang’s and Sally Beauty, this week’s incident involving Home Depot has certainly added to the cyber security panic throughout the online world. If you don’t have a plan in place to prevent and respond to such an attack, you’re already behind – but it’s also a great time to refresh your plan and make sure things are as secure as possible.
Here are four tips on how you can ensure your security plan can protect you from future zombie security attacks.
1. Know what to look for. Having trained professionals who understand cyber security and know what to look for is essential to an overall security strategy. Whether you employ someone full time in-house, or contract out to a firm specializing in cyber security, it’s imperative to have an expert who can identify your issues and implement a solution.
If you don’t know what a cyber zombie looks like, or what possible symptoms of an attack are, there is no way to protect yourself. Every system has vulnerability – hackers are going to seek it out and identify it, so you must be able to do so as well.
2. Routine security checks/patches. Once you know what possible symptoms of cyber zombie attacks on your system may look like, it is essential to perform routine security checks. Depending on your industry, you may need to perform those checks weekly, monthly, quarterly, etc.
In addition to performing routine checks, it is important to install security patches regularly. Pay attention to what software you use and the security updates provided by those vendors. Make it a habit to install those security updates promptly. Letting your security checks or security patches lapse opens up opportunity for a breach.
3. Plan for an attack. Hoping your business will not be the victim of a data breach or hack is bad enough but just as naive and dangerous is believing your security plan is so tight you will never be attacked. You can’t be confident that you are 100 percent safe and secure if millions of dollars spent on security from one of the world’s largest retailers didn’t prevent an attack on them. In reality, it’s not a matter of if you will be attacked but when and how.
This is why it’s essential to have an attack plan in place. How will your team respond to an attack? When will you tell your customers? Who else will you need to get involved and when? These are all questions that must be well thought out in order to deal with an attack when it comes. Being proactive instead of reactive is the best thing you can do. Don’t wait for it to happen before you come up with a plan – have something in place right now.
Even the Center for Disease Control and Prevention has a plan for the zombie apocalypse – so there’s no reason for your organization to not have a plan of in place for a data breach.
4. Act fast. Make sure your plan allows you to act swiftly. Once a security breach happens, the worse thing to do is to let too much time elapse between the breach and when a correction is made or your customers are notified.
These cyber zombies know that from the moment they begin an attack, they have a limited amount of time to disseminate the information they find (your customer’s credit card info, medical info, etc.) to the highest bidder. Shutting down the ability for these cyber zombies to make money by notifying your customers to change their passwords, notify their banks, etc. will be crucial to avoiding more damage than the breach itself.
Don’t drag your feet for fear of bad press. Your first priority is the security of you business and customers.
Related: Target CIO Out Following Data Breach