Houston, Texas (PRWEB) March 04, 2013
E-Investigations, a Houston, Texas based computer forensics and investigation firm finds that hundreds of millions of pieces of personal information are exposed in data breaches every year, and unfortunately for those who are victimized by such incidents; it seems that nearly all of them were easily preventable. In a study of nearly 1,500 data breaches suffered last year and tracked by the Open Security Foundation - a total that was up 35 percent from 2011 - it was found that there were about 242.6 million records were exposed last year alone, according to a new study by the nonprofit Online Trust Alliance. However, some 97 percent of those investigated would not have taken place if the organization responsible for protecting the data that ended up being exposed had adopted industry standard best practices for safeguarding it, including having internal controls. In all, only 26 percent of breaches examined were the result of either internal threat by knowing employees or accidental exposure.
"Businesses of all sizes are targeted for data mining; but it’s the small and medium sized businesses that are being overwhelmed by the hackers, and exposing sensitive information," said Gary Huestis, Director of Digital Forensics at E-Investigations. "Having a comprehensive data breach plan and updated security settings is the responsibility of every business, otherwise they put consumers, employees, companies and shareholders at an unacceptable risk."
A data breach response plan is a course of action intended to reduce the risk of unauthorized data access and to mitigate the damage caused if a breach does occur.
Here are 10 crucial steps of data breach response planning:
There is also financial incentive for businesses to adopt a data breach response plan, with the most obvious being the cost of mitigation following such an incident. Last year alone, organizations that suffered data breaches paid some $8 billion to cover associated costs. E-Investigations also found that one of the biggest problems that can cause these incidents is that many workers are now storing sensitive private data on personal devices they bring with them to and from work, significantly increasing the chances of exposure in the real world, the report said. As such, more controls likely have to be put in place to make sure this data is properly protected.
It is essential to hire third-party experts such as E-Investigations rather than using the internal IT department personnel because that way they can ensure that the evidence is handled appropriately. Computer forensics experts can maintain a proper chain of custody, avoid data spoliation and authenticate the evidence. Additionally, an important factor to consider is that, unlike internal IT staff, third-party experts do not usually know the suspect personally, reducing the risk of them sabotaging the hard drive to help or to incriminate the suspect.
E-Investigation's Computer Forensic Investigators follow the trail and decipher the information regardless of whether the evidence is digital, such as electronically stored information found on computers, tablets, mobile phones or other devices or if the investigation requires traditional private investigative services. E-Investigations' tools and techniques include surveillance, undercover work and detailed record searches. The final product helps our clients gain a deeper understanding of what has happened or what is occurring. The gained clarity and discovery of truth allows our clients to quickly respond and recover.
Gary Huestis is the Director of Digital Forensics at E-Investigations. Mr. Huestis is an EnCase certified examiner and a licensed private investigator.
Call us toll-free at 877-305-4935