I'm dealing with a situation where a colleague received a suspicious phone call claiming to be from our bank, stating that they stopped an unauthorized check cashing attempt using our company's info. This has led our C-suite to worry that we might have been compromised and they are demanding a full analysis, along with various precautionary measures. While it seems the bank might be at fault, I need to know how to effectively prove that our systems haven't been breached.
5 Answers
One approach is to emphasize that proving a negative is really tough. You can highlight potential breach points in our systems and confirm that there's no evidence suggesting any of them were compromised. It's more about showing due diligence than finding proof of nothing happening.
Realistically, you can't guarantee that nothing happened. Presenting your findings as "It appears that nothing unusual occurred" is about the best you can do. If there were no signs of a breach in logs or activities, document that thoroughly.
Activate your incident response plan. Ideally, the C-suite will fund a third-party investigation to validate your stance. Just be aware that these investigations often uncover issues regardless of your security measures, which is both good and bad.
Find out what specifically worries your C-suite and create a plan that addresses those concerns. If the issue is related to bank account info, frame it as a finance issue rather than an IT issue. You might want to suggest resetting passwords for finance personnel as a precaution.
You can reassure management by suggesting preventative measures, like implementing positive pay to mitigate unauthorized checks. Also, remind them that most of this information can come from public domains - it’s a scam tactic, not necessarily a breach.