Uber discovered in September that one of its databases had possibly been accessed by a third party in May. Uber waited 5 months before notifying its users, which is too long by the standards of California, its home state.
The time allowed to announce a discovered breach differs by state. For example, California allows 60 days, Wisconsin 45 days and Florida 30 days. It is typical for breached companies to complete a full investigation before reporting to the public. Uber said they are still looking for more information that could help identify who may have taken the data.
3 Takeaways to Help Prevent this Type of Breach
- Install a SIEM system which will alert your support staff immediately if there is an anomaly in system access. This type of system can help you catch attackers red-handed and also prevent issues in the first place.
- Prepare an official incident response policy. When bad things happen, you will want to respond quickly to reduce risk and embarrassment for your organization. This will also help you to respond within your state's legal timeline.
- Ensure your IT security management and support teams are well staffed and trained to respond to intelligent security alerts.
To provide some context for the third takeaway above, the IT governance organization ISACA recently conducted a survey of 1,209 IT professionals in the US. 90% agreed that there is a shortage of skilled cybersecurity professionals. Many organizations are turning to IT security firms to help mature and support their internal security program.
Author: Todd Bey