Friday, December 23, 2011

Santa Claus’ Workshop, Naughty/Nice List Databases Hacked

Proprietary Data and PII of Billions Exposed.  The Grinch, Disgruntled Elves, Anonymous Lead List of Suspects in Data Theft.

Well... just imagine it was your company that was breached.  Santa probably has a healthy bank account and can weather the storm of bad publicity.  After all if his organization fails, there is always mom and dad to do the shopping and delivery.  It is not like there is a lot of competition.  Where else are kids going to write at holiday time?

Maybe you do not consider your information all that valuable.  Perhaps your company has no proprietary information.  Is there employee information?  What about customer credit information?

What happens to your business’ reputation? 

It is hard enough finding a business, partner or supplier that you trust in the first place.  As a business, how hard is it to keep your customer’s happy?  What effect would a data breach have on your existing relationships?

It is very difficult to calculate the costs of a data breach on a business.  At least one that survives and does file for bankruptcy to protect itself.  The finance team can add up the fines, the cost of auditors and regulators, the pots of coffee consumed during the investigation, but what about the loss of reputation?

There is no perfect solution.  The criminals keep getting smarter and the mouse traps more sophisticated.  What you can do is prepare.  That is the role of a Written Information Security Program (WISP) plan.  It creates a defensible position with regulators. It is like a fire drill for data breaches.

Many companies provide technology solutions, but few provide a solution that will be approved by regulators.  Dolvin Consulting and Cyber Security Auditors and Administrators (CSA2) work with your team to prepare, create and maintain a working WISP plan.  A plan that is reviewed, tested, and updated each year.  A plan that will help mitigate the risks and let you sleep at night.

The ball is in your court.  Contact us today to see how we can help become compliant.  Do not let what happened to Santa happen to you.

No comments:

Post a Comment