Investigating security breaches and managing contracts with third parties
You receive a call from your IT team: someone has noticed odd access patterns to one of your key databases containing confidential information, some of which belongs to third parties you contract with. Some more checking and analysis takes place and, within a few hours, you know with reasonable certainty that someone has been, and still is, accessing your and your business partners’ confidential data.
At this stage you have some information but, measured against everything there is to know about the problem, you probably don’t know that much. It is important to work quickly with IT, the commercial teams who work with the data in question and senior management to understand as much as you can in the next 12–24 hours so that you can decide what to do next.
This might appear obvious — surely just cut off the access to your data? This route ‘solves’ the immediate problem, and may in some cases be the correct approach. However, it risks severely limiting the amount of information that you can obtain about the breach. In turn, this limits the information you have available to work out the identity of and, if appropriate, pursue the wrongdoers, and to feed back into the business to improve security. Information security is not just about IT security — it encompasses the whole business and all employees. In those very early hours of working out the scope of the problem, it is also key to review contracts you have with third parties that may give rights to those third parties in relation to data and information security…
The rest of the Taylor Wessing briefing is available to registered users of the site.