SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Big Data
#
BI
#
Compliance
Customer-centric cybersecurity incident response vital for businesses
Wed, 28th Feb 2024
By Tim Davoren, Head of Cyber Security, Logicalis Australia

Cybersecurity is no longer just an IT issue; it directly impacts customer trust and loyalty. Customers expect their data to be secure, and any breach can lead to a significant loss of customer confidence that impacts a company’s reputation and profitability. The importance of regulatory compliance and legal obligations mean that governments and regulatory bodies worldwide are implementing stricter data protection laws, such as the General Data Protection Regulation (GDPR) in the European Union (EU) and the Privacy Act in Australia. These regulations require companies to adopt specific cybersecurity measures and to report data breaches promptly to maintain compliance.  

Beyond reporting for compliance needs, business leaders must also do their due diligence to inform customers of any breaches in a timely manner as well as pinpoint the specific customer records breached. Finding a comfortable middle ground between compliance with data protection laws and a commitment to customer welfare is critical. One of the most effective ways to achieve this is by adopting a customer-centric cybersecurity incident response strategy that prioritises the protection of and trust in customer data, according to Logicalis Australia.

Implementing a comprehensive customer-centric cyber breach response is more complex than many organisational leaders realise. A best-practice customer-centric response ensures that organisations maintain compliance with all regulations and are also proactive in building and maintaining trust through transparently demonstrating the safeguards applied to customer data and privacy. It should also develop response playbooks from the customer perspective, that is, beyond how the impacted organisation itself can recover and how the organisation can help its customers mitigate future risks arising from the breach of their information or services.

The most impactful breached data typically resides in databases that may contain a mix of sensitive personally identifiable information (PII), financial data, loyalty rewards, healthcare information, social media accounts, usernames, and even passwords. That is a lot of information and requires specialist skills and experience to identify the breached information. Response teams do not want to make assumptions, which can worry customers and cause major brand reputational damage. However, failing to inform customers and industry bodies accurately and efficiently can do more harm than good. As much as there should be a focus on the appropriateness and speed of response and notifications, businesses should also prepare themselves for a long game. Using advanced investigation methods like database forensics can help organisations pinpoint breaches in specific customer records. This lets skilled response teams qualify and precisely scope breaches, limit the impact of a breach and provide accurate messaging and advice to customers. In some cases, database forensics will even prove that PII governed by notification requirements was not accessed, which would release organisations from having to disclose the incident publicly.  

The speed at which a business can notify customers about a breach and accurately identify the affected data depends on the organisation's supporting security infrastructure and its capability to pinpoint unauthorised activity, as well as the availability of scalable qualified human resources to execute the appropriate response. In practical terms, this requires a skilled and scalable team that is guaranteed to mobilise immediately when a breach occurs to provide adequate customer support and the processes, tools, and systems to manage the customers and their needs in the days and weeks following the breach. More importantly, notifying without the proper details will likely force an organisation to issue further notifications as the incident details become known, keeping its name in the news for all the wrong reasons and frustrating clients even further. The speed and quality of response are ultimately influenced by, firstly, a current and comprehensive understanding of the subject infrastructure and business systems but also the organisation’s ability to investigate forensic data efficiently and effectively.  

However, only some businesses have the requisite resources, infrastructure, and specialist knowledge to deal with the repercussions of a successful cyberattack on their own.  

Successful customer-centric response plans understand the volume of trained resources required to be in place to enable an organisation’s at-risk customers to be notified, to address these customers’ questions and concerns, and to remediate any suspected fraudulent or unauthorised activity. Even the most effective breach response plan will fail to meet the speed-of-notification race without adequate tested capacity and the supporting infrastructure to execute it.
Working with a trusted third-party provider, such as a dedicated managed services provider (MSP), can help to bridge this gap and ensure every business has access to a scalable, experienced cybersecurity support team when needed. Working with an MSP ensures continuous monitoring and management of security infrastructure. It also offers access to the latest cybersecurity technologies and practices. Taking this approach ensures that businesses can enhance their customer-centric offering with a scalable support network. Ultimately, it lets the business focus on customer support and communication while experienced cybersecurity specialists manage the rest.  

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Australians show interest in using AI for online dating
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Top stories
Australian businesses fast-track Microsoft cloud adoption amid cyber threats
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity