Despite all the preventative efforts you may take to protect your business, the cyber-attack world is growing exponentially. Combating the cybercrime epidemic is a constant game of cat and mouse and so you must always be prepared to act if an attack. In the event your business falls victim to malicious cyber-attacks, ransomware or data breach, there are several steps you need to take at once in order to minimize the damage and protect your company's reputation.
First, stay calm. The negative impacts that a cyber-attack can have on your business are significant so acting on emotions is not the way you should approach this situation. You should notify your IT department at once.
Next, you will need to put your cyber incident plan into effect.
What is a Cyber Incident Response Plan?
A cyber incident response planning strategy is a set of tools and written procedures that your security team can use to identify, eliminate, and recover from cybersecurity threats. This plan is designed to help your team respond quickly and uniformly against any type of external threat. ANP recommends your Cyber Incident plan is written down and reviewed each year with all executive staff and IT employees.
This plan should outline how to deal with a ransomware attack or data breach and will help to prevent further damage. If you do not have a cyber incident plan it's important that you talk with your IT department, executive leadership and create a written plan, and test it regularly to ensure it works.
BENEFITS OF A SECURITY INCIDENT RESPONSE PLAN:
There are several obvious benefits mentioned above as to why you need a cyber incident response plan, but there are other benefits, such as fulfilling industry regulatory requirements. Likewise, having a cyber incident plan can aid in obtaining the best cyber insurance possible for your organization.
- The organization is well prepared to respond and recover from cybersecurity attacks.
- The personnel responsible for the response and recovery efforts are well trained and understand their responsibilities.
- Satisfy organizational and regulatory compliance requirements.
Your incident response plan should include steps such as:
Your cyber-Incident response plans ensure that responses are as effective as possible. These plans are necessary to minimize damage caused by threats, including data loss, abuse of resources, and the loss of customer trust. Here are several steps that you should include in your plan in the event of a cybersecurity incident.
- Step 1: Notify your IT department immediately so they can contain the cyber-attack if they have not done so already, (Shut down the internet and power off your firewall and switches. Do NOT turn off or restart any devices as this may remove valuable forensic data).
- Step 2: Advise everyone to refer to event as a “cyber incident” don’t use language like “ransomware attack”, or “cyber-attack”, because you do not have enough information to make that statement yet.
- Step 3: Contact your cyber insurance company to open a cyber incident. They will be able to determine if a claim is needed, as well as get you a team of 3rd party experts involved for forensic investigation, litigation, PR needs, (more on this step below).
- Step 4: Consider your IT infrastructure a crime scene, do not make any changes until you are told to do so.
- Step 5: Keep a log of events. Determine what data was compromised.
- Step 6: Establish a team of employees and insurance contractors and begin holding conference calls. (Ideally you have an insurance company employee, forensics contractor, your IT team and a lawyer and Exec leader on every conference call.)
- Step 7: Do not tell your employees what is happening. Do not issue any press releases to vendors or clients, until told to do so from your Cyber professionals.
- Step 8: Do not turn off and back on any equipment (The power cycle can cause illicit scripts to run which will further damage your IT infrastructure)
Every organization is different, so you may need extra steps or fewer steps. The most important thing to remember is that it should be uniform and executed upon as quickly and effectively as possible.
ANP recently published a webinar: Secrets to Buying Cyber Insurance for Small Businesses on YouTube page. This webinar provides small business owners and IT decision makers with tips to get the best premium possible. During this webinar we answer the who, what, where, when and why about cyber insurance for small businesses and provide you with 7 recommendations on what you need to do today to prevent ransomware or another form of a cyber-attack. By following these steps, you can help to minimize the damage caused by a ransomware attack or data breach.
In today's business climate, you simply cannot assume a security breach won’t happen to you. At ANP we detect, analyze, and fix your vulnerabilities, run penetration testing, security audits and more.
If you were recently hit with ransomware and you would like to ensure this never happens to your business again, contact ANP today at 215.572.0111 and visit our Managed Cyber Security page on our website to learn what we do to keep our clients secure.
Likewise, if you are not sure your business is adhering to the industries best practices for cyber security, we're here to help. We're happy to conduct a Cyber Liability Assessment to determine how your current security practices stack up and make our expert recommendations on how to improve your security posture.
In today's business climate, you simply cannot assume a security breach won’t happen to you. At ANP we detect, analyze and fix your vulnerabilities, run penetration testing, security audits and more.
If you were recently hit with ransomware and you would like to ensure this never happens to your business again, contact ANP today and visit our Managed Cyber Security page on our website to learn what we do to keep our clients secure.
Likewise, if you are not sure your business is adhering to the industries best practices for cyber security, we're here to help. We're happy to conduct a Cyber Liability Assessment to determine how your current security practices stack up and make our expert recommendations on how to improve your security posture.