Here's something you don't see everyday in incident response.
Your organization is breached and just days later you are able to start offering two-factor authentication (2FA) as "proof" you care about the cybersecurity and privacy of your customers.
That's what just happened over at genealogy mapping and DNA testing site MyHeritage. Look at this timeline:
The company also issued a statement saying, in part:
"We originally planned to add 2FA for MyHeritage accounts in the July-August 2018 timeframe. But following the recent breach, we promised on June 4, 2018, that we will expedite the development of this feature. We’re glad to announce today, June 6, 2018, that we have completed the development of 2FA for MyHeritage in record time and have released its initial implementation to all users of MyHeritage."
How is this for incident response?
Part timing, because the 2FA implementation was close at hand.
Part hard work to move that 2FA implementation along faster than anyone on the team might have imagined.
Part marketing, with a picture of your team refusing to sleep until solutions are found.
Check out our digital SecureWorld PLUS training course, "Building and Evaluating an Effective Incident Response Plan," for best practices.
And consider cybersecurity attorney Shawn Tuma's advice on who you choose to lead your incident response. It makes a huge difference: