Telling the truth about SME life today

Business Law & Compliance

-

Published

6 steps to follow in a cyber-attack on your business

3 Mins

Share via

Unfortunately, the harsh reality of data breaches and cyber-attacks is something which is facing all businesses these days. 

You only have to look at the recent influx of high-profile security breaches to realise hackers, viruses, and software bugs are growing increasingly sophisticated. 

And while there are a number of precautions businesses can take to prevent themselves from attack, sometimes these simply aren’t enough. The interconnectivity of businesses these days, teamed with modern ways of working such as “bring your own device” and remote offices, leaves companies extremely susceptible to attack.

For those who find themselves faced with a breach, there are a number of steps which should be taken to ensure an attack is handled appropriately:

1. Don’t panic

It’s sometimes easier said than done, but panicking is the worst thing you can do. Businesses should keep calm and firstly try and identify the origin of the attack. 

It’s worth considering whether the breach has come from an internal or external source – is a disgruntled employee at fault? Or maybe you’ve inadvertently disclosed a password to a third party? 

While the source of a cyber-attack can be extremely difficult to determine, it’s worth exploring all avenues so you have all the information possible. 

2. Find out what has been taken

The notion that hackers are only after money is a common misconception. Rich data is also an extremely attractive target. 

One of the first steps taken following an attack should be to assess exactly what information has been compromised – an I.T specialist should be able to do this pretty easily. 

Sometimes it’s not as bad as it looks and businesses can actually come away pretty unscathed. If not, pick up the phone and call a trusted advisor right away. 

3. Call a trusted advisor

If the damage assessment shows a considerable security breach then the expertise of a specialist should be enlisted. Talking to insurers and contacting a legal professional will help determine whether the business is covered and can be fully compensated for its losses. 

Depending on the individual case and circumstances it might be difficult to make a claim – especially if the business has given out passwords to third parties and this has turned out to be the reason for the attack. 

Continue reading on page two…

Share this story

How to get and keep customers with gifts and rewards
Read more
Embrace the positives of the Living Wage and deal with the negatives
Read more
Send this to a friend