So, you’ve been attacked and don’t know exactly what to do? It’s hard right now but trust me, everything is going to be alright if you follow these steps:
- Stay calm. Panicking and being stressed about the situation is something you want to avoid. It’s bad for your health, you’ll end up with a massive headache and unable to see things clearly. Breath slowly and count to 10.
- Engage your security vendor or your IT vendor. If you don’t have one – I repeat, do not panic. Get a third-party vendor involved so they can start isolating and containing the breach.
- Identify, contain and isolate the breach. Restore from backup and inform your staff about the incident. Shockingly, most attacks remain undetected for weeks before they are discovered. The goal here is to immediately stop the threat before it spreads to the rest of your network and affects more systems and impacts more people.
- Assess the damage and the cost of the attack. It’s vital at this point that you’ve already engaged a third-party vendor so they can objectively assess the situation and provide forensics about the cause of the attack.
- Lock down your system. Make sure that you improve your protection system. If you don’t lock your system down, chances are high that you’ll fall victim again.
- Report the attack. Under some federal and state laws, organizations are required to report a breach within a certain amount of time. Otherwise, they’re liable for the legal and monetary consequences of a delayed report. Work with your cyber attorney to understand the security breach requirements in your state.
- Learn from the incident. Take this as an opportunity to learn and improve your Cybersecurity system. Hire a Cybersecurity vendor if you don’t have one. Conduct audits and invest in software and hardware while creating a culture of security among your staff.
Now you know what you need to do in the event of a cyberattack, the real question is: Have you made sure your system is protected to prevent another attack? If not, keep calm and contact us!