A major data breach is like quicksand... the more you struggle with it and panic the worse it gets.
Put yourself in the shoes of a few of the major organizations that have had high-profile data breaches due to compromised applications or web sites lately... the more they struggle and fight, the worse things appear to get.
Why is this?
Remember that the enemy you're fighting on the digital battle field isn't like the one out on a real battlefield, there are no castle walls.
Typically, by the time you've been breached and a major event has transpired you're front-page news and Elvis has left the building.
More appropriately, your absolutely business-critical intellectual properly has left the building(s).
At this point, struggling - a la posturing - like many organizations do will make things worse.
I say this with certainty because I've now watched that train wreck in slow motion at least 3 times in the last month and a half or so... as have all of you.
So what to do? I think I covered this already... back here in the blog post titled "Sony's Catastrophic Security Problem..." so there's no need to re-iterate, but I will leave you with a few pieces of advice...
- stop panicking - you'll just make things worse for yourself
- focus on stopping the bleeding - now is not the time to go after the hackers
- stay out of the news - don't make headlines by issuing statements, giving defiant quotes or threats to the hackers
- trust nothing - in other words, if it hasn't been properly secured and it's not business-critical turn it off
- apologize, demonstrate competency by outlining a restoration plan
- don't spend money wildly - money won't solve your problems, only make you more broke
- execute faster than ever before
This isn't rocket science, but I felt it needed to be said.
Cross-posted from Following the White Rabbit