The Official Barefoot Professional Investigations Blog

With our growing reliance on technology and data across the economic landscape, the number of cybersecurity incidents per year has been growing steadily over the last 15 years. Data breaches alone have steadily increased, with the last five years being the most volatile and damaging. In 2020 alone, the number of reported data breaches that occurred across the United States came to a whopping 1,001 incidents, impacting more than 155 million individuals.

For Charlotte organizations with robust cybersecurity response plans in place, these incidents trigger a series of steps to be taken by the cybersecurity team responding to the incident. The second series of steps in the traditionally 5-6 step response process involves following up with employees to determine the specifics of the breach around what systems were breached, who was involved, and how the breach was detected, amongst other details. While other members of the team work to secure the physical systems and evidence, you should dedicate resources to following up with the employees involved. 

Investigating a data breach isn’t as glamorous or even as dramatic as what you might see on your favorite weekly television. Unless the hackers are extremely bad at what they do, breaches often go undetected for months at a time – IBM’s research shows it takes an average of 280 days for an organization to recognize that a breach has taken place and then take the follow-up steps necessary to contain it. By this point, investigators are already well behind and are playing a game of catch-up. Aside from data logs and digital forensics, investigators are often left with employee interviews as their primary source of information.

In the cybersecurity sector, there is an ever-increasing call for more effective and more frequent training for employees. That’s because most studies show that while breaches and other cyberattacks are a major concern of just about every industry segment, only half of businesses have deployed the necessary antivirus and antimalware software to protect their systems. Instead, they have relied more on employee reporting over systems designed to protect and notify. Further, due to a lack of proper training, it’s estimated that upwards of 75% of attacks were inadvertently caused by an employee’s accidental negligence or lack of knowledge.

Even with the right tools, a cybersecurity forensics investigator can be challenged in finding the right path to discover the nature of a data breach. By talking to employees, investigators can unearth a number of issues that could have resulted in a successful cyberattack.

As specialists in interviewing witnesses and assisting in the forensic investigation following a breach incident, our team of professionals can provide an invaluable resource in assessing and investigating data breaches at your organization. Learn more about our services and how we can help improve your team’s incident response capabilities.

The post How To Investigate After a Data Breach in Charlotte appeared first on Barefoot Professional Investigations.