Today’s dependency on digital systems has meant businesses are under constant pressure of suffering a data breach. In the event of a data breach, cyber criminals could get access to a business’s most sensitive and high-value data, the result of which can be catastrophic. Financial losses, legal consequences and damaged reputation are consequences that can stem from a data breach. It is more crucial than ever to consider additional cybersecurity measures to mitigate future data breaches from happening.
For instance, in June 2024, several organizations were targeted by cyberattacks. One of the largest health maintenance organizations (HMOs), with 1.8 million members, had personal information of 13,000, or 1% of its membership, exposed. In another case, a leading fast-food chain conglomerate in the country had approximately 11 million of its customers' delivery records compromised, including sensitive data such as birthdates and senior citizen identification numbers.
Two private companies have also confirmed data breaches following claims by a cybersecurity enthusiast group that customer data was being offered for sale online. The National Privacy Commission reported that one company, operating in the real estate sector, notified it of a breach on June 1, while another company in the automotive industry reported a breach on May 14.
These incidents highlight the urgent need for businesses to not only implement robust cybersecurity measures but also to continuously update and improve them.
Here are some additional steps that businesses can take to enhance their cybersecurity posture:
Immediate steps for businesses
Assessment and Confirmation
Confirm the breach with concrete evidence before taking action
Watch for signs such as unusual login attempts, network slowdowns, abnormal account activity, file changes, and suspicious data access
Review service providers' access privileges, ensuring they address vulnerabilities promptly
Monitor financial accounts closely for unusual activity to detect potential scams early and report them promptly. Regular monitoring helps identify signs of fraud and protects against identity theft
Secure Vulnerabilities
Quickly secure systems and rectify vulnerabilities to prevent further breaches
Immediately disconnect affected equipment, monitor access points, replace compromised devices, and update credentials
Remove any exposed personal information from websites and ensure it's not archived elsewhere
Secure and isolate physical devices involved in the breach, including computers and servers
Consult legal experts and engage external privacy and data security professionals. Coordinate with insurance providers and risk consultants before resuming operations
Secure accounts by updating passwords and PINs, especially for banking and credit card accounts, to mitigate risks associated with compromised data. Please also do not use a common password across key accounts.
Documentation
Gather evidence of the breach and conduct thorough interviews with involved parties
Ensure clear communication channels for forwarding critical information and document the investigation process
Preserve all logs or records when obtaining information, and do not delete them
Notify the Affected Parties
Notify the National Privacy Commission promptly and adhere to reporting requirements
Provide a detailed notification describing the breach, affected sensitive information, mitigation measures, contact information, and support for affected individuals
Inform relevant institutions about compromised account access information to monitor for fraud
Notify affected businesses about breached personal information to facilitate necessary actions
Implement Improvements
Conduct a comprehensive post-breach review to evaluate response effectiveness, detection speed, communication protocols, impact assessment, and lessons learned
Identify areas for enhancing security measures and compliance to bolster resilience against future incidents
Understanding the causes and similarities of rising malicious cyber activities is crucial for effective preparation and mitigation. By improving your cyber strategy, you can improve defenses against cyberattacks.
At Lockton, we understand that a comprehensive cyber risk management program is crucial for protecting your balance sheet, preserving your reputation, and enabling growth. Our tailored approach provides access to resources, including specialists for cyber incidents, ransomware payment facilitation, and computer forensics. This coverage includes IT consultants, breach counsel, privacy attorneys, and public relations specialists. Our cyber risk experts work closely with you to assess your current cyber risks and craft a customized solution that addresses your business's needs for holistic risk management.
For further information or for a consultation, please contact Eunice Park via eunice.park@lockton.com (opens a new window) or Lockton Asia at enquiry.asia@lockton.com (opens a new window).
Please also visit our Cyber and Technology webpage (opens a new window) for more information.