When we hear about data breaches in the news, the focus is most often on what happened leading up to the event. such as how the breach may have occurred, what sensitive data the attackers may have compromised, and who all may be impacted by the breach.
However, there are a myriad of issues an organization must confront in the aftermath of a security lapse such as what parts of its network infrastructure can be trusted, how robust is the security program that is in place, what are the financial impacts and to whom, what will the damage to the organization’s brand be given the negative publicity, and what will the legal implications be?
In this video Dwayne Melançon, Bryan Sartin and Tanya Forsheit discuss the challenges involved in regaining the trust of critical stakeholders both within and outside of the organization, as well as strategies for reestablishing trust in the compromised systems so that the organization can get on with its primary business objectives.
Tanya Forsheit (@Forsheit) is a Founding Partner of InfoLawGroup LLP. Certified as an information privacy professional, Forsheit works with clients to address legal requirements and best practices for protection of customer and employee information. Forsheit previously served as Co-Chair at Proskauer’s Privacy and Data Security practice group and represented the Women Lawyers Association for Los Angeles. She has also been named one of the Los Angeles Daily Journal’s Top 100 women litigators in California.
Bryan Sartin is the director of the Research, Investigations, Solutions, Knowledge (RISK) Team at Verizon Enterprise Solutions and is responsible for all customer-facing Incident Response, Computer Forensics, IT investigative work, and Litigation Support / eDiscovery. Sartin has more than fifteen years experience in the security arena, providing industry-leading services and support for both commercial and government organizations. He is well-versed in both criminal and civil IT investigative procedures, is a licensed private investigator and a certified expert witness, as well as having written articles on a number of security-related topics ranging from incident response planning to security training and awareness.
Dwayne Melançon (@ThatDwayne) is Tripwire’s Chief Technology Officer, responsible for leading the company’s long-term product strategy to meet the evolving data security needs of global enterprises. With more than 25 years of security software experience, Melançon has spearheaded numerous initiatives during his tenure, including executive responsibility for business development, professional services and support, information systems and marketing. He holds ITIL and CISA certifications, and is a frequent speaker at national and regional industry events.
- Target and Restoring Trust After a Data Breach
- How Target’s Point-of-Sale System May Have Been Hacked
- Why the Target Breach Might Be Even Bigger: Big Data Means Big Breach
- Stolen Target Credit Cards and the Black Market: How the Digital Underground Works
- Target: The Desolation of Fraud
- Target Data Breach: How to Perform Early Detection…
Achieving Trust After a Breach: “Which Systems Can I Trust?”
When an organization has been compromised, some of the first questions to ask are critical: Which systems can I trust? What was done to compromise my systems or data? How quickly can I figure out where I stand? Tripwire is often contacted after the fact to help answer these all-to-common questions.This paper explains the five steps an organization can take, even if they haven’t previously installed Tripwire Enterprise, to restore trust in their enterprise following a breach.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock