The Breach: Final Chapter


Why Does The Attorney General of North Carolina Care About Our Data Breach?

Our Data Breach Coaches had filed the necessary communications with several state Attorneys General. We were advised that most states would acknowledge, and it would end there. However, the Attorney General’s Office in North Carolina reached out and requested more information. This was surprising to me, as I didn’t know how to respond or why they would be asking for more details. Fortunately, our Data Breach Coach fielded the request, and we had a call to discuss the strategy for how to respond. Our response reassured them that we had taken the necessary measures to prevent an issue like this from happening again. This was just another point where, had we not engaged the right people, we would have had no idea the reporting requirement existed or how to respond to requests for more information. As I learned, each state has different reporting requirements, and North Carolina was not the last state to request more information.

Credit Monitoring Makes Sense

After two months, we were rounding the home stretch of our incident response. The final piece was to figure out how to protect the impacted individuals from any potential damages. Our Data Breach Coach asked us how we wanted to proceed. (Let’s pause for a second: this is a common theme throughout the process. At various points, third parties who had expertise in a subject matter would ask us our thoughts on how we’d like to proceed. We wanted guidance from the experts in areas where we needed it; I thought it strange that we were asked this rather than just presented with options. Back to the story.) Obviously, we didn’t know how to respond, so we asked for options.

As a sign of “goodwill,” they suggested offering everyone credit monitoring for two years. That seemed reasonable to us, so they referred us to a national brand that provides these services. During our first call, they offered credit monitoring and explained the process. All of which was acceptable, but then they started talking about setting up a call center, handling questions from the impacted individuals, printing notification letters, and lots of other services. All of which sounded like a great idea had the scope of our incident warranted it. However, our situation was so small that it seemed like overkill and yet another way to spend the Company’s money needlessly. So, we set up the necessary processes with internal staff, contracted to offer the credit monitoring, and sent out the notification letters. Materially, the incident response was effectively over.

You Want A Detailed Recap Of The Breach Response. Are You Sure?

Finally, after all notification requirements were handled, credit monitoring handed out, and all inquiries answered, we had a chance to exhale a bit. The incident could have been much, much worse. But we’d made it through. After thinking about it, I realized I didn’t have a formal recap of our response from our Data Breach Coach. I thought that, should any inquiries come in going forward about how we responded, I should have something to prove that we satisfied all the legal requirements and acted ethically. So, I placed a call to our Data Breach Coach. Out of everything we experienced, this final chapter is what surprised me the most. After a few days, the Data Breach Coach called me back and acknowledged my request.

Here is our dialog:

Data Breach Coach: “What do you want, a formal recap of all the activity that occurred on your behalf in responding to this incident?”

Me: “Yes, I do; I want to be able to produce some formal documentation of how we responded to our incident in the event it is needed in the future.”

Data Breach Coach: “Are you sure you want this?”

Me: “Yes, I’m sure.”

Data Breach Coach: “Are you really sure?”

Me: “Rather than ask me if I really want it, can you just tell me why you are asking if I want it?”

Data Breach Coach: “If we produced it, it becomes a legally discoverable document, which might not be in your best interest, should future legal action be taken against you and your Company.”

Me: “So, let me get this straight: we spent three months and 250K responding to this incident. We dotted every ‘i’ and crossed every ‘t.’ But it’s not in our best interest to have a formal recap of the actions taken, to prove that we handled the incident in accordance with all the requirements?”

Data Breach Coach: “We can add a high-level summary to your file; should you need it, you can call our office and we’ll produce it, but having a detailed document isn’t in your best interest.”

Me: “Ok, if that’s what you think is best, then I guess I don’t want it.”

This last interaction left me a little dumbfounded. But in hindsight, I should have expected it. The whole experience was foreign to the Company and me. In the end, we spent the entire amount afforded to us by our insurance coverage to respond to this incident, for the potential loss of 250 records. During the initial days, there was lots of confusion, unknowns, and decisions that needed to be made. We didn’t always make the right ones, but we did have enough presence of mind to slow the situation down, get as much data as we could, and make informed decisions.

I’m hopeful that our story can help, inform, or at least mildly entertain anyone reading.


About the Author:

This blog was written by John Hensberger, Managing Partner of Black Bottle IT. Earlier in his career, John was also part of a company that experienced a cybersecurity breach. That experience fueled his passion for assisting other companies with their cybersecurity needs to mitigate their risk. As a Technology Executive and Cybersecurity Advisor, John was recognized as the Pittsburgh CIO of the Year, 2014.

5 Tips to Keep Technology at Schools Secure

Did you know that the average business manages 162.9 TB of data? Because there’s so much sensitive information on an organization’s servers, it’s essential to safeguard your servers and applications.


Managed security services are a practical way to keep malware out of your systems. Here, we’re going to talk about what these solutions do and why they’re essential. Read on to begin protecting your business!


What Are Managed Security Services?

Managed security services are IT solutions that protect businesses from security threats. You subscribe to a package from a managed IT security services provider. In turn, this provider develops a unique plan based on your business’s individual situation to secure your digital data.


This process generally means implementing specialized software that integrates with your data storage systems. It also means building a network of security experts who can respond to potential breaches in real time. Experts, not just tools, make the difference in response time, reporting, and moving your business forward with less risk.


Because these security services are typically fully managed, you don’t need to worry about maintenance and upkeep. Managed security providers handle modifications and upgrades for you. They also implement the latest virus/spam blocking, intrusion detection, firewall, and VPN systems to keep you safe in an ever-changing digital world.


Why Are They Important?

First and foremost, you need high-quality security solutions to protect your business financially. A security breach costs a company an average of almost $9 million. If you’re an SMB, it’s unlikely that you have that kind of money.


Sensitive data theft also can cause untold problems for your employees and clients. You likely have employee SSNs stored somewhere within your system. Customer financial information is also often saved to a server. 


When a company experiences a data breach, it loses the trust of employees and clients. Not only that, but those people will likely have severe concerns about identity theft and future financial problems. This is not something you want to be responsible for, because it leaves you open to lawsuits, downtime, and customer loss.


Real-Time Network Security Monitoring: The Basics

Now that you understand the importance of security monitoring, you must choose the appropriate solutions. Real-time network monitoring is suitable for companies of all sizes.


Traditional monitoring uses analytics tools that only examine data at rest. Since digital information changes by the second, such a view quickly becomes outdated, and users won’t notice new threats until it’s too late.


However, real-time network monitoring solutions like the ones Black Bottle IT offers are different. They show current data so that you can see what’s going on in your systems second by second. You therefore get more relevant information and can discover what needs to be done to safeguard your data in real time.
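As an added illustration of the difference this section draws between at-rest analysis and real-time monitoring, here is a small Python example written for this page; it is not Black Bottle IT’s product or code. It parses a few constructed SSH authentication log lines, runs a sliding-window detector over them as a stream (alerting the moment one source exceeds a failed-login threshold inside the window), and contrasts that with a batch summary over the same stored lines. The log format, the threshold of 5 failures and the 30-second window are assumptions chosen for the illustration.

```python
"""Sliding-window failed-login detection over a stream of constructed auth events.

Added example for this page, not Black Bottle IT's code. The log line shape,
FAIL_THRESHOLD and WINDOW are assumptions made for illustration.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (syslog-like; the exact format is an assumption).
SAMPLE_LOG = """\
2024-05-01T10:00:01 auth sshd: Failed password for admin from 203.0.113.7
2024-05-01T10:00:03 auth sshd: Failed password for admin from 203.0.113.7
2024-05-01T10:00:04 auth sshd: Accepted password for alice from 198.51.100.22
2024-05-01T10:00:06 auth sshd: Failed password for root from 203.0.113.7
2024-05-01T10:00:08 auth sshd: Failed password for admin from 203.0.113.7
2024-05-01T10:00:09 auth sshd: Failed password for admin from 203.0.113.7
2024-05-01T10:15:00 auth sshd: Failed password for bob from 192.0.2.9
"""

FAIL_THRESHOLD = 5               # failures from one source IP ...
WINDOW = timedelta(seconds=30)   # ... within this span trigger an alert


def parse_line(line):
    """Return (timestamp, outcome, user, source_ip) or None if the line does not match."""
    parts = line.split()
    # Expected shape: TS HOST PROG: (Failed|Accepted) password for USER from IP
    if len(parts) < 9 or parts[4] != "password" or parts[7] != "from":
        return None
    return datetime.fromisoformat(parts[0]), parts[3], parts[6], parts[8]


class RealTimeDetector:
    """Keeps only the recent failures per source (the 'current data' the text
    describes) and raises an alert the moment the threshold is crossed."""

    def __init__(self, threshold=FAIL_THRESHOLD, window=WINDOW):
        self.threshold = threshold
        self.window = window
        self.recent = defaultdict(deque)   # source IP -> timestamps of recent failures
        self.alerts = []

    def ingest(self, line):
        """Process one event as it arrives; return an alert tuple or None."""
        parsed = parse_line(line)
        if parsed is None:
            return None
        ts, outcome, _user, ip = parsed
        if outcome != "Failed":
            return None
        q = self.recent[ip]
        q.append(ts)
        # Expire failures that have fallen out of the window.
        while q and ts - q[0] > self.window:
            q.popleft()
        if len(q) >= self.threshold:
            alert = (ts, ip, len(q))
            self.alerts.append(alert)
            q.clear()   # one burst yields one alert
            return alert
        return None


def batch_report(log_text):
    """At-rest analysis: failure totals per source computed after the fact.
    It sees the same failures but only when someone queries the stored data,
    and it cannot say when they clustered."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[1] == "Failed":
            totals[parsed[3]] += 1
    return dict(totals)


def run_stream(log_text):
    """Feed the log to the detector line by line and return alerts in arrival order."""
    detector = RealTimeDetector()
    return [a for a in (detector.ingest(l) for l in log_text.splitlines()) if a]


if __name__ == "__main__":
    for ts, ip, count in run_stream(SAMPLE_LOG):
        print(f"ALERT at {ts.isoformat()}: {count} failed logins from {ip} within {WINDOW}")
    print("Batch totals:", batch_report(SAMPLE_LOG))
```

In the constructed sample, the streaming detector alerts on the fifth failure from 203.0.113.7 at 10:00:09, eight seconds after the first; the batch report produces the same per-source totals, but only when it is run, and without the timing that made the burst suspicious.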


Streamline Your Security Operations Today

Now that you know why managed services for security are the right choice for your organization, it’s time to get started. Schedule a free consultation to learn more about our managed security services.


Our experts are happy to discuss the best ways to keep your specific digital information secure by meeting your unique needs. We will also help you come up with a payment plan that works for you. Since we’re committed to helping your business succeed with secure and safe information, we look forward to hearing from you soon.