Some Tips for a Cybersecurity Incident
January 28th is Data Privacy Day – a day to raise awareness and promote privacy and data protection best practices. In recent years, cybersecurity threats and incidents have become common and are a legitimate concern for businesses (and their customers), no matter the business’ size or industry. Employee education and training can be effective tools for reducing the risk of a cyber incident and mitigating damage if one occurs. The National Cyber Security Alliance recommends every business create a culture of privacy by “educat[ing] employees about their role in privacy, security, and respecting and protecting the personal information of colleagues and customers.”
To further those education goals for Data Privacy Day, provided below are some tips businesses can share with their employees to help protect against a cyber incident.
- Create strong passwords using acronyms, and/or a combination of letters (some in CAPS), numbers, and symbols
- Notify their information technology department and the affected business entity by phone immediately if they suspect a cybersecurity incident
- Follow any established company protocol (data breach plan) for a cybersecurity incident
- Provide their contact information and remain reachable by phone to further discuss the event when they report a suspected cybersecurity incident
EMPLOYEES SHOULD NOT
- Power down their computers, mobile devices, or other hardware if they suspect a cybersecurity incident
- Attempt to fix the issue themselves by running programs, including anti-virus software in lieu of reporting the potential threat
- Continue to use the compromised equipment or report a cybersecurity incident using the compromised equipment
- Open any malicious spam e-mail which can download additional malware onto computers or forward a malicious email to others for investigation
Vigilance is the best defense against cybersecurity threats. On this Data Privacy Day 2016, these tips, compiled from various sources, outline simple tasks that can enhance individual and business awareness about the protection of sensitive information, allowing everyone to be #PrivacyAware.
For questions about cybersecurity, please contact Jonathan Klein (215.864.6887; firstname.lastname@example.org), Laura Schmidt (215.864.6333; email@example.com) or any member of our Cyber Law and Data Protection Group.