BreachExchange mailing list archives
6 steps to follow in a cyber-attack on your business
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Thu, 10 Sep 2015 19:33:37 -0600
http://realbusiness.co.uk/article/31294-6-steps-to-follow-in-a-cyber-attack-on-your-business Unfortunately, the harsh reality of data breaches and cyber-attacks is something which is facing all businesses these days. You only have to look at the recent influx of high-profile security breaches to realise hackers, viruses, and software bugs are growing increasingly sophisticated. And while there are a number of precautions businesses can take to prevent themselves from attack, sometimes these simply aren’t enough. The interconnectivity of businesses these days, teamed with modern ways of working such as "bring your own device" and remote offices, leaves companies extremely susceptible to attack. For those who find themselves faced with a breach, there are a number of steps which should be taken to ensure an attack is handled appropriately: 1. Don’t panic It's sometimes easier said than done, but panicking is the worst thing you can do. Businesses should keep calm and firstly try and identify the origin of the attack. It's worth considering whether the breach has come from an internal or external source – is a disgruntled employee at fault? Or maybe you've inadvertently disclosed a password to a third party? While the source of a cyber-attack can be extremely difficult to determine, it's worth exploring all avenues so you have all the information possible. 2. Find out what has been taken The notion that hackers are only after money is a common misconception. Rich data is also an extremely attractive target. One of the first steps taken following an attack should be to assess exactly what information has been compromised – an I.T specialist should be able to do this pretty easily. Sometimes it's not as bad as it looks and businesses can actually come away pretty unscathed. If not, pick up the phone and call a trusted advisor right away. 3. Call a trusted advisor If the damage assessment shows a considerable security breach then the expertise of a specialist should be enlisted. Talking to insurers and contacting a legal professional will help determine whether the business is covered and can be fully compensated for its losses. Depending on the individual case and circumstances it might be difficult to make a claim – especially if the business has given out passwords to third parties and this has turned out to be the reason for the attack. 4. Inform the authorities Depending on the scale of the attack, you might have to inform the authorities of what has happened. The Information Commissioners Office (ICO) are responsible for the enforcement of the Data Protection Act 1998, so they will be able to offer help and guidance if the attack isn’t down to negligence on the part of the business. 5. Consider reputation Businesses holding a large amount of customer data will be the hardest hit. Maintaining customer confidence is crucial in this type of attack and a well thought out communications plan will be key. While it's easy for a business to think they're the main victim of the attack, the consequences can often be much worse for the customer. It's also worth noting that you're well within your rights to request that information is taken down from social networks such as Reddit, Facebook and Twitter if it has been uploaded to these channels. 6. Stay vigilant Once the attack has been resolved (as best it can), businesses should fully audit their security policies and procedures, to avoid the same thing happening again. An audit will identify any holes in your current security practices, assess whether procedures were robust enough and being correctly followed, as well as suggesting any areas for improvement, to help businesses stay ahead of any threats. What now? Cyber-crimes are now being reported on increasingly in the press, following a series of high-profile attacks – awareness is undoubtedly growing, which can only be a good thing. The aftermath of an attack can be a whirlwind, and extremely daunting for those that have not been victim to an attack before. However, if the above steps are followed, and a calm and collected head is kept, consequences can be kept to a minimum.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- 6 steps to follow in a cyber-attack on your business Audrey McNeil (Sep 11)