What to do in the event of a cyber attack

What to do in the event of a cyber-attack.

If you are a small to medium sized business, you may feel there is no need to worry about your cyber security – this is definitely not the case. Cybercriminals are well aware of the lack of investment amongst SME’s and prey on this notion. In short, SME’s are easy prey, and because of this, at some point, most will become a victim of a cyber- attack. The thing that separates you from a victim will be the ability to deal with the attack.

Step 1: Do not panic

First things first, don’t panic. It’s undoubtedly a horrific situation to find yourself in, but by staying focused throughout the process, you will be able to handle the attack and fight back much more quickly.

Step 2: Communicate to key stakeholders

As part of your Disaster Recovery strategy, key stakeholders across the business should be aware of their roles in the event of a cyber attack. HR, for instance, should be in charge of employee communication. IT should be involved in containment and recovery and marketing will be responsible for external communications. As soon as an attack is identified, mobilise the team and put your planning into action.

Step 3: Contain and Detect

One of the most important steps you can take from a technical perspective is to secure the IT systems and contain the breach. Identify what part of the network has been compromised and isolate it ASAP. If the virus has started to spread, it may be necessary to shut down the entire IT network.

Identifying how the breach has occurred will help to prevent a similar attack happening again in the future. It could have stemmed from an online attack such as phishing or ransomware, or it could be due to a data leakage caused by a lost laptop.

Step 4: Recover

Once the breach has been identified and fixed, you can start to recover your business operations. Switching to backup servers will bring back any information saved prior to the breach. If you haven’t done so already, now is the time to inform your customers and suppliers. Ensure you include information on steps you’re taking to prevent a security breach in the future.

Step 5: Be proactive and reflective

Finally, it is important to stay current with the latest cyber security. Educate employees on popular attack methods and continue to develop and educate all IT and security staff within the business. You should make sure all staff understand what happened, so you can all work together to ensure it does not happen again. It is important to reflect on the attack and understand why it happened, how it happened and what could’ve been done to prevent it. You should then put policies and procedures in place to ensure that it does not happen again.

Discover More

Sophos-XG-Firewall V17
Synchronised Security