The worst has happened–a hacker found a weakness and you’re in the middle of a cyberattack. Whether your organization is large or small, being hacked can be a devastating experience. The average cost for a small business is $108,000 and some companies just can’t recover.
So what should you do if your organization gets hacked? Here are some of the most important steps that you should take.
1. Identify the Attack
Your first step is to scan for any malware or viruses that may have been installed on your systems as a result of the hack. This can help you get a better sense of the full impact of the attack and will help minimize further damage.
A 2016 IBM & Ponemon Institute study found that, “leveraging an incident response team was the single biggest factor associated with reducing the cost of a data breach – saving companies nearly $400,000 on average (or $16 per record).”
Your team should verify the attack by:
- Finding the compromised systems
- Determining which IP addresses were used in the attack
- Confirming the type of attack (Virus? Malware? Unauthorized remote access? Human error?)
2. Change All Your Passwords
After you have notified the proper authorities and your insurance company, it is important to change all of your passwords. This not only includes your organization’s login credentials, but also any other online accounts that may have been compromised as a result of the hack. Ensuring that you use strong and unique passwords can help prevent future attacks.
3. Review Your Security Policies and Procedures
If you have an incident response plan (and we hope you do), now is the time to bring it out. This will help you identify any gaps or weaknesses in your organization’s defenses so that you can take steps to improve your overall security posture moving forward.
Your plan should be a living document that is regularly updated to reflect the latest best practices.
An incident response plan should include things like:
- Contact information for key personnel
- A list of steps to take in the event of a hack, such as accessing backups
- A description of how to scan for and remove malware and viruses
- Best practices for creating strong and unique passwords
- Data from security tests and vulnerability assessments
By having a plan in place, you can help ensure that everyone in your organization knows what to do in the event of a hack or other security incident. You can create an incident response plan on your own, but a managed IT provider would help you to develop a strategy that will cover all of your bases.
4. Notify the Proper Parties
Don’t forget to notify the proper authorities. Depending on the type of data that was compromised, you may need to contact local law enforcement, the FBI, or another federal agency. You should also notify your insurance company as soon as possible.
Although it may hurt your credibility a little bit, you’ll need to inform your customers if their data is at risk. Consider how much more damaging it would be for a company that tries to hide a data breach and then is discovered to have withheld information.
5. Improving Your Overall Security Posture
Finally, once you have taken these initial steps to recover from your organization’s hack, it is important to focus on improving your overall security posture. This may involve implementing new security measures, such as two-factor authentication or stronger password requirements, in order to help prevent future incidents.
One of the most important, but often overlooked, aspects of data security is employee education and training. All too often, employees are the weak link in an organization’s security chain.
They may not be aware of the latest threats or how to avoid them, or they may be careless with their passwords or otherwise negligent in their use of company systems and data. By investing time and resources in regular employee training, you can help ensure that your organization is secure from the inside out.
AIS Can Help with Prevention and Recovery
As an experienced security firm, AIS can help your organization improve its overall data security posture and minimize the impact of any future attacks. With extensive experience in incident response and recovery, we can help you get back on your feet quickly so that you can focus on rebuilding your business instead of dealing with a costly data breach. Contact us today to learn more!