Most businesses today are taking cyber security highly seriously. With threats from viruses, hackers and other cyber crimes all being rife, it is more critical than ever that companies employ robust information security tactics to protect their business and their stakeholders.
Sometimes, however, even the best security system can become compromised. In this event, it is important to know what steps to take to ensure the impact is minimised so business can continue as usual as soon as possible. Here’s what to do if your cyber security has been breached.
1. Contain the Breach
First off, take whatever steps are necessary and possible to contain the breach as far as possible. Depending on the type of breach, this may involve placing your credit files or bank accounts on freeze, changing access rights or recovering files. Do not shut down the system if possible as this would result in loss of evidence.
2. Appoint a Lead
Immediately move to appoint someone to be the lead person in dealing with the breach. Have them notify your cyber security company and get them started on a preliminary assessment to uncover where, why and how the breach occurred.
3. Notify the Essential People
Depending on the type of breach and the structure of your organisation, this many include directors, the police, the ICO or an internal investigation team.
4. Evaluate the Risks
Start thinking about what the risks of this breach are, and who could be affected as well as how. If people outside of the organisation are at risk, it may be pertinent to notify them sooner rather than later so that they can take steps to protect themselves. Think about the longer-term implications of this cyber security breach, and consider whether this may expose you to further breaches in the long or short term.
5. Prevent a Future Breach
In order to protect yourself from a similar breach in future, it is essential you have experts in cyber forensics working with you to pinpoint the cause and means of the original incident. Not only will this allow you to put in place more robust measures of security, but in some cases the sophisticated methods used by these experts will allow you to track down and prosecute the perpetrator.
The most important thing to remember is not to panic. Only inform those people who really need to know at this early stage, and allow your cyber forensics experts to step in and handle the situation for you. Every breach should be treated as serious until the full extent is understood, so don’t gloss over it in the hope it was just a blip.
Who should be on your Team?
When a breach occurs, having the experts in Cyber Security at NCC on hand to help will be a highly valuable asset. Their cyber forensics response team are incredibly skilled in this area, and will be able to respond rapidly and efficiently to give you the best chance at tracking down the criminal. They have extensive crisis management experience, letting you focus on keeping the business moving while they rectify your information security issues.