skip to main content

What Would We Do If We Were Hacked?

What would we do if we were hacked?
This is a question that every organization should be asking itself.
As we have seen, cybercrime is increasing.  Target, Macy’s and Michael’s are just a few of the companies that were hacked during the past year.  The Target incident alone speaks to the financial damage these crimes can cause -- $61 million in costs to deal with the breach, a 46% drop in profit from the fourth quarter of the prior year, and one resigned CEO.
If you think this phenomena is limited to retail stores, think again.  Earlier this year, 27,000 employees of a healthcare organization had their personally identifiable information stolen as part of an elaborate scheme to file fraudulent tax returns and collect the refunds.
These hacking incidents also create significant liability issues for the hacked organization, as evidenced by the dozens of lawsuits now faced by Target.
So, what would you do if you were hacked? 
Throughout the year, we will be discussing specific measures for specific industries.  In the meantime, here are a few action items that every organization should consider with respect to their data security:

1.          Test Your Network
Are you confident your network can withstand an attack?  Do you know if your network is currently under attack?  You may wish to consult a cyber security expert to determine the vulnerabilities in your system and how best to protect yourself.

2.          Develop Procedures for Handling Personally Identifiable Information
How are you encrypting PII?  Is access to this information restricted?  You should develop practices and procedures to better protect this information.

3.          Develop a Response Plan
How would you respond to those who have had their information stolen from or through your system?  How would you handle the media?  What about potential lawsuits?  You should develop a response plan to handle a data security breach.
As information is increasingly stored electronically, hacking incidents will continue to rise. But by thinking about the possibility now and taking preventive measures, you can hopefully minimize the consequences of any data breach.
If you have specific questions in this regard, please contact a member of our Emerging Technologies Practice Group.