The previous part of this post discussed tips that the Office of the Privacy Commissioner of Canada (OPC) issued in anticipation of the November changes to the Personal Information Protection and Electronic Documents Act (PIPEDA). Those tips fell under the first two of the four directives the OPC offered. Here we cover the remaining tips, which fall under the last two directives: “Don’t Forget About Hackers Either” and “Breach Containment and Preliminary Assessment”.
Don’t Forget About Hackers Either
Word-play aside, the OPC highlights that prevention technology is only as good as its last update, and that patching of critical software (like operating systems) is necessary to remediate vulnerabilities. However, their suggestion that you implement and monitor advanced systems may not be realistic for many small to medium-sized enterprises; monitoring could mean three shifts a day, seven days a week. Further, having adequate coverage for complete visibility across the entire network is not financially feasible for most organizations. Engaging an MDR service like ours is a lot more affordable when compared to that labour cost, let alone the cost of the technology needed to equip a cybersecurity team like that.
Tip 9: Maintain up-to-date software and safeguards
Our MDR Service includes our proprietary Hygiene Analyzer, which ensures you have all the information you need to keep your systems up to date. We prioritize the vulnerabilities in your environment so that you know exactly which updates, on exactly which systems, will have the most impactful result to reduce the risk of a breach.
Tip 10: Implement and monitor intrusion prevention and detection systems
It’s in the name: our managed detection and response service enables our Threat Hunters to actively monitor your environment to detect threats. This, coupled with your existing prevention technology (anti-virus and firewall), is much more effective than an IPS, and more affordable for SMEs. If you already have an IPS, we can add its logs to our platform to improve our performance.
Breach Containment and Preliminary Assessment
The recommendations made by the OPC are solid, but may take considerably more resources to put together than the few bullets they have listed. From forensics, to assembling an incident response (IR) team, to escalating communications, there are significant investments of time, planning, and developing rigorous processes necessary to achieve these goals on your own. You can review our own incident response steps here for a framework.
Tip 11: You should take immediate common-sense steps to limit the breach
Our ability to limit breaches exceeds the “common-sense” options available to an IT generalist. Why? Our Threat Hunters think like hackers, to know their next moves and get in front of them. Plus, they can use our Endpoint Detection and Response sensor to immediately delete malware, kill processes initiated by hackers, remove access of users that have been compromised, and quarantine machines to prevent spread of infection. These critical components of our response capabilities mean that once a breach is identified, its spread can be prevented immediately.
Tip 12: Prevention of future breaches
The combination of our threat hunters, the report we provide, which enables you or a partner to remediate vulnerabilities, and our advanced incident response service helps prevent future breaches. But, of course, if you were to be breached again, you would have our service at work to reduce the impact of a subsequent breach anyway.
Ultimately, the OPC is interested in protecting the personal information of Canadians; the recommendations they offer are designed to prevent breaches, limit access to personal data when breaches occur, and respond to breaches to reduce the risk of such information being exposed. Our motivations at ActZero Networks are completely aligned, and our suite of services can enable your business to act in keeping with these recommendations provided by an authoritative, external, government body.
Perhaps the OPC could’ve just issued one tip for businesses trying to reduce the risk of a data breach:
Engage ActZero Networks for Managed Detection and Response, and Virtual CISO services. If you want to understand how we do it, request a demo today, or contact us to speak with an expert.