If you have seen the headlines in the past few months, you know that companies are being hacked every day. If it’s not your company today, it could be tomorrow. The truth of the matter is that small to large companies face this threat. However, though we know the number of cybersecurity breaches has increased every year, less is known about what comes after the hack. Here are some critical steps to take if your business has been hacked:
- Find out what happened.
In order to fully understand the magnitude of a company’s response to a hack, you need to get the full picture. That means everything from which computers and accounts were compromised to which data was accessed or stolen and whether any other parties — such as customers or business partners — were affected. Though this process can be costly and extensive, it’s needed in order to fully address the problem and to prevent it from happening again.
- Contact law enforcement.
If your company discovers that its data has been compromised, you should check state laws and regulations for your legal obligations to report the breach. If the data breach puts critical business or client information at risk, you need to contact the police as soon as possible. When you are already the victim of a cybercriminal attack, getting in trouble with the law will only add undue problems and stress to the process.
- Notify affected businesses.
In most cases, other businesses you work with, including banks and credit issuers, will also be affected by the data breach. To help protect your business partners and clients from harm, immediately notify them of the breach. In particular, if you know that personal Social Security numbers were compromised, you should reach out to the major credit bureaus to seek additional information or advice. Response rate to stakeholders is extremely important for both protection and public relations reasons.
- Implement your incident response plan.
This is a good time to remind every company that it should have an incident response plan and that the plan should be updated at least once a year. It should include telephone trees of legal, IT and vendors who can help with customer outreach. Additionally, it should include all potentially vulnerable areas that should be looked into and protected. Though there are many challenges with incident response plans, they are the key to a successful and accurate response after a breach.
- Learn from the experience and prepare for next time.
Did you learn where the breach occurred? And if so, did you learn how to protect against it in the future? You may think that once the perpetrators have been revealed or the security breach has been disclosed, the potential danger has just disappeared. That couldn’t be further from the truth. In today’s cyber world, cybercriminals are extremely difficult to apprehend and bring to justice. Therefore, the same perpetrator or similar ones can strike again. It’s important to always see where your security and response plan can be improved.
Don’t learn the lesson the hard way. Being prepared and avoiding breaches is the best route to avoid an incident. However, if your company is hacked, a swift and intentional response is key. Want more tips? Check out the schedule at this year’s Secure360 Twin Cities conference—we have some great sessions available for learning just these kinds of tips!