So, you’ve been breached, what do you do now?

breach

So, you’ve been breached, what do you do now?

Did you know that about 60 percent of small firms lose out their business within 6 months of a data breach? Now that is a scary stat everyone should be aware of. It is not because these firms did not have a proper security system in place that they went under. It is because they were not prepared to deal with it.

Breaches can happen to any firm despite all the security measures taken. Those hackers sure are hard working. But there are quite a few ways to recover from a data breach and show anyone who tries to break you that you are not someone who will break.

Let us start with what you can do to ensure a successful recovery before the breach happens.

 

Before the Breach…

  • Identify all the IT assets you possess.

Know what’s on your network. Using a unique asset id will help you isolate the attacked system in case of a breach.

  • Employ an Intrusion Detection System (IDS) to your network.

IDS will help you take down possible threats and also help in identifying the attack pattern thereby minimising damage. Don’t count your pennies on that.

  • Have an Incident Response Plan (IRP).

You don’t want panic to set in when you have realized a breach. Have a backup plan in hand that assigns roles and responsibilities so that recovery actions will be taken properly.

  • Backup your data.

This is a simple but most effective step to be taken to minimise data loss or corruption. Don’t let those ransomware dudes get the better of you. Just go one as usual with your backed-up data. Do remember to keep it updated and secure as well.

  • Perform frequent penetrative tests.

Perform frequent penetrative tests to figure out any weakness in your security system. Educate employees on possible attacks and create awareness of attacks like phishing.

 

After a Breach…

Now it’s time to move on to what you can do after a breach to help you get back on track with ease.

  • Assess the attack

Determine how much and what you have lost. The moment you realize you have been attacked, you should look into the scale of impact. Figure out what systems were attacked and which databases have been breached. Asset ids and unique authentications should help you with that.

  • Contain the impact

Isolate the attacked system from the network so that no more of your systems get affected. Disable the logins and credentials used by the attacker to breach. Basically, give the attacker no more means to keep poking you.

  • Investigate the attack pattern

This will help you from preventing further attacks. Don’t you want to know how your state of-the-art security systems were finally cracked down? Investigating the attack will give you more insights into strengthening your security.

  • Notify the breach to all involved

Make the breach known to the people who were affected by the breach. You need them to be more careful and aware of the risk. Even the law requires you to do so as it is your responsibility to make any security breach known to the stakeholders involved.

  • Update your security

Replace your security systems with new and updated ones that can further withstand similar attacks. Address your vulnerabilities and take proactive solutions into practice to avoid future incidents.

Make use of your Business Continuity (BC) and recovery plans to restore your systems to full functionality. Put on a strong face with newer stronger security in place.

  • Keep watch for future attacks

Keep an eye out for any possible future attacks. Maintain security measures with the same vigor since the day you establish them. Make sure everyone in the organisation is limited to the cause as well. As they say, a chain is only as strong as its weakest link. So keep your systems up to date and try not to leave any vulnerability unaddressed.

 

In Summary

Securing your data is not only essential but can save your Business from utter disaster.

Protect your data, shield your Business from collapse, Cyber threats are real, and they want your personal information.

Initial IT has been providing technology services and support to small and medium-sized businesses in Staffordshire & beyond for more than 15 years.

Our mission is to drive value with innovative, customer-oriented solutions that give them the edge to compete with their much larger counterparts.

No Comments

Post A Comment