How OneLogin Responded to Its Breach and Regained Customer Trust
April 16, 2019
Mo Moin

Data breaches have become ubiquitous in business today. When companies of all shapes and sizes can become victims of cyber attacks, how you handle a data breach becomes critically important.

Maersk and Norsk Hydro were praised for their clear, concise, and transparent messaging in response to major ransomware attacks that crippled their operations. DoublePulsar’s Kevin Beaumont labeled Norsk Hydro’s “the best incident representation response plan I’ve ever seen,” and good incident response is good for business. At the time of this writing, Norsk’s share price is actually higher than it was at the time of the incident, even though the attack forced the company to revert to largely manual operations in parts of its manufacturing business and caused estimated losses in excess of $40 million in lost productivity for the first week of the attack alone.

On the other hand, Equifax’s response to its 2017 breach was labeled a “haphazard and ill-conceived dumpster fire” by Brian Krebs. The company took over a month to reveal the breach, and the terms of service of the website dedicated to responding to the incident included a waiver for joining any future class action lawsuits.

Identity and access management (IAM) provider OneLogin suffered two incidents in 12 months. Despite that setback, the company has recovered and recently secured a new round of funding, thanks in part to learning from its mistakes and showing customers how it has changed its security posture since then.

This post, “How OneLogin Responded to Its Breach and Regained Customer Trust,” originally appeared on CSO Online.
