Blog

Data Breach Experts Share The Most Important Next Step You Should Take After A Data Breach

Most successful companies today are well aware of common data security issues and put a great deal of trust in their own efforts to prevent a data security breach. However, as demonstrated by recent security breaches of several large, tech-savvy companies such as Target, LivingSocial, Facebook, Gmail, and Twitter, no set of security measures is completely infallible. What businesses today then have to consider is: what is your plan of action after a data breach, when your security and data loss prevention measures have failed?

We set out to get some pro tips from data security experts on what they consider to be the best practices after a data breach has already occurred. To do this, we asked 30 data security experts to answer this question:

"What's the most important next step you should take following a data breach?"

We've collected and compiled their expert advice into this comprehensive guide on what to do after a data breach. See what our experts said below:

Meet Our Panel of Data Security Experts:

Oleksandr Maidaniuk, Jay Botelho, Andrew Avanessian, Jason Maloni, Stephen Ward, Robert Ellis Smith, Eran Sinai, Arnie Bellini, Nasir N. Pasha, Scott Dujmovich, Jibey Asthappan, Darren Guccione, Andrea Eldridge, Reg Harnish, Johnny Lee, Engin Kirda, Michael Fimin, Alan Baker, Greg Kelley, Fred Menge, Adam Roth, Matt Malone, Jason Nielsen, Ashish Mohindroo, Lee McKnight, Anne P. Mitchell, Edsard Ravelli, Bill Rosenthal, J. Wylie Donald, Jon Schildt

Oleksandr Maidaniuk

Oleksandr Maidaniuk is the Head of Quality Assurance Solutions of Ciklum Interactive Solutions with rich experience of dealing with various types of software solutions including client-server enterprise applications, real-time systems and educational desktop software. He has a strong background in such testing methodologies as Agile model and V-model and is especially capable in analysis of business requirements and test planning.
His expertise is in applying a wide range of software testing methods and test design techniques (static and dynamic: structure-, experience-, specification-based).

The key step to manage the data breach if it already took place is...

COMMUNICATION: both internal (inform employees and involve everyone able to help, i.e. tech specialist, client service managers, PR & communication team, etc.) and external (direct mailing to the clients, official media release - and, if necessary, also interview to the profile press). Basic rules in this case are:

Be open and sincere. Admit if the fault was on the company's side and accept responsibility.

Provide details. Explain why the situation took place.

Mitigate. Make conclusions out of the disaster and describe solutions for affected users. If possible, prepare a special offer for the affected audience.

Educate. Explain how to prevent similar issues in the future.

Invite to dialogue. Involve your clients, industry experts, analysts, media people and general public to the broader discussion about the source of the problem.

Usually, such an approach will allow you not only to minimize the negative impact of an IT security accident, but (when implemented correctly) will show your company as a reliable and transparent partner, which is able to operate correctly even during a crisis situation.

Jay Botelho @wildpackets

Jay Botelho is the Director of Product Management at WildPackets, a leading network analysis solutions provider for networks of all sizes and topologies, and has been with the company for more than nine years. His key areas of expertise include wireless networking, handheld devices, database software and applications, embedded software and network management software.

The most important step to take after a data breach is...

To understand the root of the issue.
Engineers can use forensics to analyze traffic and instantly determine the root cause of an event, entirely removing guesswork and problem reproduction from the equation. Effective forensics provide these four key capabilities:

Data Capture: Capture all traffic, 24x7, on even the fastest links

Network Recording: Store all packets for post-incident, or forensic analysis

Search and Inspection: Enable administrators to comb through archived traffic for anomalies and signs of problems

Reporting: Through data capture and analysis, results of investigations are logged and network vulnerabilities are reviewed and analyzed post-mortem.

Perhaps most importantly, forensics solutions capture data 24/7 and automatically analyze all data collected in real time, which means all the data you need for analysis is available at a moment's notice. Whether the problem with your mission-critical app is across the room or across the world, forensics gives you immediate access to the most detailed analytics available to get to the root cause of an issue.

Andrew Avanessian

Andrew Avanessian is the Executive Vice President of Consultancy and Technology of Avecto, a security software company that sees security as an enabler.

Nearly half of security leaders believe a major security breach will happen in the future, yet the post-breach plan that IT decision makers have in mind is fundamentally flawed. Why? These plans are reactive when they should be proactive...

I recommend spending less time trying to close the door after the horse has bolted and instead move to a proactive security model. While it might seem like a complex and arduous process, it can actually be quite simple. Many organizations fail to meet even the very basic security steps recommended by the SANS 'First Five' or the Australian Department of Defense, which highlight tactics that create a more defense-in-depth approach to security.
For instance, while perimeter technologies like firewalls can protect against certain types of external attack, they cannot block malware that has already found its way onto endpoints within an organization. Organizations should instead create a multi-layered strategy that incorporates solutions like patching, application whitelisting and privilege management, which will help limit the pathways for malware to obtain sensitive data.

Implementing these proactive technologies is crucial, but organizations must ensure they do not come at the expense of worker productivity. It's a difficult balance to strike - the Internet ultimately creates a gateway for malware to enter organizations, yet users require constant connectivity to do their jobs. Here is where solutions like sandboxing come into play, isolating Web browser threats behind the scenes, while employees are able to work freely and without compromising the organization.

Information Security IndustryScape

We're fresh off National Cyber Security Awareness Month and chances are you heard enough security company names over the past few weeks to make your head spin. From software vendors and service providers to analysts, conferences, and organizations, the information security industry has grown into quite a large and noisy space. But don't dismay - we've created an Information Security IndustryScape to provide a snapshot view of the players in the infosec landscape today. Whether you're new to the industry or an information security veteran, we think this infographic will come in handy for staying on top of who's who in the security zoo :-). We've tried our best to be as exhaustive as a 1200x900 pixel space will allow, but it's inevitable that in a rapidly moving industry like ours, this may not be comprehensive. Think we left someone out? Let us know in the comments! We'll continue to update this infographic periodically to keep it as current as possible.