In light of last September’s Equifax data breach event – along with new proposed cybersecurity legislation – the document destruction business sector has an opportunity to enhance their cybersecurity best practices and create new, recurring revenue by offering breach response services to its business accounts.
Here are four lessons learned from the Equifax breach that can support your document destruction clients:
Lesson #1 “the Equifax Affect,” where a company such as Equifax, with more financial and IT resources than most companies in the US, cannot prevent a data breach event from ever happening.
In Equifax's case, their data breach event affected 145 million U.S. consumers where information breached included names, Social Security numbers, birth dates, addresses and, in some instances, driver's licenses numbers.
Lesson #2 “response and recovery,” where Equifax failed in multiple ways to respond in a timely and responsible manner. First, and with irony, the Equifax breach happened because the company failed to fix a software flaw that federal officials had warned about months before. But to make matters worse, Equifax waited nearly six weeks to notify the public after learning of the hacking event.
When this crisis happened, Equifax’s failed management response resulted in its chief information officer and chief security officer “stepping down” and its CEO “retiring.”
Lesson #3 “the future of cybersecurity laws” could include the potential for criminal action for officers and board members of any size organization. CSOonline.com released an article titled The year ahead in cybersecurity law, where CSO states that “major legal cases and proposed state and federal legislation will shape how companies respond to and attempt to mitigate cybersecurity and data privacy risks.”
Lesson #4 “industry best practices should include response and recovery” as Risk and Insurance Magazine highlights in this article titled Cyber Threat Will Get More Difficult, where General Michael Hayden, former head of the Central Intelligence Agency and National Security Agency, and current principal at the security consultant the Chertoff Group, stated that “companies should focus on response, resiliency and recovery when it comes to cyber risks.”
According to Hayden, “companies are focusing on the vulnerability aspect, and responding by building high walls and deep moats to keep attackers out.” He said “If you do that successfully, it will prevent 80 percent of the attackers.”
“But that still leaves 20 percent vulnerability, so companies need to focus on the consequences: It’s about response, resiliency and recovery,” said Hayden.
In an era of growing data breaches, businesses that partner to offer data breach response services, can differentiate themselves, helping to attract and retain customers, while incrementally growing revenue.
All businesses need strong document management policies - and strong document destruction companies need strong data breach response partners to support their business clients.
Request a WebEx by Vero to learn about unique solutions to enhance your cybersecurity best practices and create new, recurring revenue by offering breach response services to your business accounts.
Jim McCabe is the SVP, Identity Theft Solutions for Vero, LLC. He has developed his subject matter expertise in ID theft & data breach solutions and has contributed to industry publications and blog sites, while consistently speaking for conferences and webinars to foster awareness and education of best practices.