9 Crucial Steps to Take After Suffering a Cyberattack

Members of Young Entrepreneur Council discuss what business leaders should do in the event of a cyberattack.

Published on May. 25, 2022
9 Crucial Steps to Take After Suffering a Cyberattack
Brand Studio Logo
Headshots of contributing YEC members
Top row, from left: Thomas Griffin, Bryce Welker, Stephanie Wells, John Brackett, Syed Balkhi. Bottom row, from left: Blair Williams, Josh Kohlbach, John Turner, Daisy Jing.

You should always take great care to ensure your company is protecting itself against cybercrime. Mistakes can happen, however, and breaches can always occur. Once your company has been hit with a cyberattack, you’ll need to have an action plan in place to ensure minimal damage to your systems and data.

To help, the members of Young Entrepreneur Council discuss the steps they recommend taking after your business has been affected by a cyberattack. Although opinions differ on the very first step you should take, incorporating all of these action items into your plan in some way will get you off to a great start.

9 Crucial Steps to Take After Suffering a Cyberattack

  1. Report the attack.
  2. Prioritize data security.
  3. Check your bank accounts.
  4. Record everything.
  5. Engage an expert.
  6. Conduct a damage assessment.
  7. Prevent additional damage.
  8. Contact your customers.
  9. Educate your staff.

More From YEC10 Website Design Elements to Increase Sales and Engagement


1. Report the Attack

If your company is hit by a cyberattack, make sure to report the attack to your customers, clients and law enforcement authorities immediately. According to various data privacy regulations, failing to do so can attract huge penalties from regulatory agencies. The security breach itself can be super damaging; you don’t want any other damages to happen. So, take all the necessary steps on time. — Thomas GriffinOptinMonster


2. Prioritize Data Security

If you have to choose between uptime and security, opt for security. A temporary service outage while you ensure that private data is protected from cyberattackers is more easily forgiven than sacrificing the safety of your customers’ data to keep your service running smoothly. Remember: Trust is difficult to earn but extremely easy to lose! — Bryce WelkerThe CPA Exam Guy


3. Check Your Bank Accounts

If your company experiences a cyberattack, the first step should be to contact your financial institutions and banks to check your accounts and ensure their safety. — Stephanie WellsFormidable Forms


4. Record Everything

The first thing you should do after a breach is record everything you can about the encounter. You’ll want to write down details like timing, IP address and entry point. This information can help law enforcement track down the people responsible for the crime. At the same time, you gain valuable data that you can use to prevent more attacks. — John BrackettSmash Balloon LLC


5. Engage an Expert

The first step a company should take after being hit with a cyberattack is to engage a computer forensic investigator to determine the extent of the damage and how best to address it. A good investigator will be able to gather and verify evidence, analyze it and then recommend the best course of action for your business. — Syed BalkhiWPBeginner


6. Conduct a Damage Assessment

The first step you should take after being hit with a cyberattack is to conduct a damage assessment to determine the extent of the breach. This assessment should include a review of all systems and data that may have been affected by the attack. Once you have assessed the damage, you can then develop a plan to remediate and prevent future attacks right away. — Blair WilliamsMemberPress


7. Prevent Additional Damage

If your company has been hit by a cyberattack, your first step should be to prevent any possible additional damage, and you can find several ways of doing that. For example, you can reroute your network traffic, filter it or block it altogether. You can isolate the network whose security has been compromised. This action will prevent further damages and keep the unattacked parts safe. — Josh KohlbachWholesale Suite


8. Contact Your Customers

After a cyberattack, you should reach out to the people who may have been affected. Contacting customers and letting them know that they need to change their passwords right away doesn’t feel good, but it’s a necessary step. Plus, you don’t want to wait and explain the situation to your customers after the fact. — John TurnerSeedProd LLC


9. Educate Your Staff

Despite all the precautions and extra protections, without appropriate knowledge about cybersecurity, someone from the team will still make a mistake. So, everyone in your company should know basic things about cybercrime and how to avoid it. If possible, scan and check everyone’s files and laptops to see if they have been infected or if there are things that should be deleted. — Daisy JingBanish

Hiring Now
Consumer Web • eCommerce • Marketing Tech • Retail • Software • Analytics • Generative AI