6 moves to make immediately following a data breach
Higher ed institutions are attractive hacker targets—storing a wealth of Social Security numbers, financial information and intellectual property. A 2018 Verizon report found that institutions were often pursued for such information, which can be used to commit identity theft or to gain access to research.
Mitigating cyberattacks requires working with experts, notifying potential victims and minimizing reputational impact. Even with insurance, cleanup efforts can be expensive.
Regardless of the number of records and type of information exposed, here is a list of what to do after a cyberattack, along with the costs involved.
1. Assemble a forensics team
This is an immediate must-do for a college that finds its network has been compromised. A forensics consulting company can determine how the breach occurred and the steps to repair the system to prevent another attack. In some cases, an investigation can be done in-house, eliminating the expense of an outside consultant.
2. Contract for legal services
Lawyers specializing in information security help a university navigate the response after a cyberattack and determine how breach laws in each state apply. All states, as well as the District of Columbia, Puerto Rico and the U.S. Virgin Islands, have passed laws requiring private or state organizations to notify people when their personal information has been exposed.
Colleges may be required to notify credit reporting agencies in addition to individuals who have been affected if a certain threshold of exposed records is reached.
The potential for litigation is another reason to line up legal services.
Consider cyber insurance to combat data breaches
More higher ed leaders are purchasing cyber insurance policies because of the considerable rise in attempted data breaches across campuses. The benefits of such policies can offset data breach costs.
Insurance can help pay for everything from conducting a forensic investigation to notifying people whose records have been exposed.
Beyond costs, not every college or university knows how to respond to a breach. In addition to cyber insurance, some firms offer breach coaches and 24-hour hotlines manned by law firms to help organizations navigate the steps to take after a cyberattack.
3. Notify possible victims
Hiring an identity protection company—such as AllClear ID, IdentityForce or Symantec—to handle notifications and provide credit protection services can add up to one of the largest expenses. The firm can provide a call center for students and staff to contact after they are notified of a breach and offer one year of identity repair services to help people restore their credit if their information is used.
4. Develop a public relations response
After uncovering the facts of a data breach, college officials may have to take the case public and respond to media inquiries. Using a consistent message to present facts by sending emails to students and employees, posting information on the college’s website, and contacting parents helps limit reputational damage. This strategy even has the potential to elevate the brand and generate trust among community members. While the speed of getting out information is important, it shouldn’t be prioritized over facts. Don’t attempt to win points on transparency by going public with the wrong information.
5. Harden your computer system
After a cyberattack, hire an IT security company to evaluate the breached computer system and recommend steps to prevent another intrusion. Campus officials should look at where sensitive information is stored, how it is transmitted and who can access it.
Also essential: installing software that monitors the system to detect if a breach has occurred and creating procedures to communicate possible problems. Protecting the network may require hiring additional IT staffers to coordinate the security effort.
6. Ensure employees have their defenses up
Educating faculty and staff on how to prevent malware and hackers from gaining system access is important. They should always be on the lookout for phishing attempts that try to get them to reveal passwords and other information, for example. Security is everyone’s responsibility.