Use the right tool for the job.
Remember that old saying?
Whether you’re talking about fixing a sink or dealing with a data breach, the saying holds true and here’s why.
Several months ago a large business realized it had been hacked. They recently contacted Sera-Brynn, but only after it called upon its third-party IT support company to remediate and recover from the incident.
When the IT company came in, they assured them no data was taken and that all was seemingly good to go.
In situations like this, an IT company will often take steps like wiping all the devices and performing a full restore from an offsite backup. While these steps may be part of how to respond to an incident of this nature, it’s neither thorough, nor enough.
The troubling part is that the business will often not know any better.
At any rate, life was good for this large company for awhile (or so it seemed).
The reason Sera-Brynn learned of the breach was because the company was contacted by law enforcement who reached out with evidence that their sensitive human resources (HR) data, along with proprietary company information, was stolen (after the initial incident) and currently for sale through various markets on the dark web.
The IT support company did not take the necessary steps to identify how the breach occurred, what data was compromised, where the attack came from, and so on (the very steps Sera-Brynn takes after a breach).
Wiping and reloading will not help identify and close security gaps that may have been taken advantage of by the attackers in the first place.
While IT support does have some overlap with security, the two are far from being the same thing. Accordingly, when dealing with an Incident Response situation, consider using a specialist.
Sera-Brynn brings specialized cyber skills, extensive knowledge of incident response procedures, and forensic solutions to get your business back online quickly, safely and securely.
A good IT company is a valuable tool for your business, but may not be the right tool for the job.