By the time you realize that you have been the victim of a data breach, it’s too late to take proactive steps to deal with that breach. From that moment, you are left reacting to the facts as the situation unfolds. The breach could have happened months or years ago and the damage has been done. Anything you do now is remediation or preventative steps against future breaches. The problem with this is that it is often hard to fully understand what this could mean for you when a breach does happen. The best you can do at that point is assess the situation and try to avoid similar issues in the future.
We can see this playing out right in news that is breaking about a SolarWinds breach. You can get up to speed on it at ZDNet. The SolarWinds breach is already being identified as one of the most significant breaches because of who and what it targeted. The Wall Street Journal wrote, “One person familiar with the matter said the campaign was a “10” on a scale of one to 10, in terms of its likely severity and national-security implications.” It looks like Russian foreign intelligence may have been behind the breach and that they may have had access to sensitive information for months. Of course, we will continue to get a better picture of what happened and what the damages are, but right now it looks like this breach was well planned ahead of time and planted in the supply chain. In other words, someone got a backdoor into some otherwise trusted security software and then waited for it to be in place before exploiting it. As the government and security professionals scramble to assess the situation, there is not much, if anything, that can be done to reverse the damage.
It is an unfortunate reminder that even when you plan ahead to defend against a breach, you will never be invulnerable. Keep watching this developing story to see how bad things can get and what type of contingencies you may need to be planning for in the future.