You should always take great care to ensure your company is protecting itself against cybercrime. Mistakes can happen, however, and breaches can always occur. Once your company has been hit with a cyberattack, you’ll need to have an action plan in place to ensure minimal damage to your systems and data.
To help, the members of Young Entrepreneur Council discuss the steps they recommend taking after your business has been affected by a cyberattack. Although opinions differ on the very first step you should take, incorporating all of these action items into your plan in some way will get you off to a great start.
9 Crucial Steps to Take After Suffering a Cyberattack
- Report the attack.
- Prioritize data security.
- Check your bank accounts.
- Record everything.
- Engage an expert.
- Conduct a damage assessment.
- Prevent additional damage.
- Contact your customers.
- Educate your staff.
1. Report the Attack
If your company is hit by a cyberattack, make sure to report the attack to your customers, clients and law enforcement authorities immediately. According to various data privacy regulations, failing to do so can attract huge penalties from regulatory agencies. The security breach itself can be super damaging; you don’t want any other damage to happen. So, take all the necessary steps on time. — Thomas Griffin, OptinMonster
2. Prioritize Data Security
If you have to choose between uptime and security, opt for security. A temporary service outage while you ensure that private data is protected from cyberattackers is more easily forgiven than sacrificing the safety of your customers’ data to keep your service running smoothly. Remember: Trust is difficult to earn but extremely easy to lose! — Bryce Welker, The CPA Exam Guy
3. Check Your Bank Accounts
If your company experiences a cyberattack, the first step should be to contact your financial institutions and banks to check your accounts and ensure their safety. — Stephanie Wells, Formidable Forms
4. Record Everything
The first thing you should do after a breach is record everything you can about the encounter. You’ll want to write down details like timing, IP address and entry point. This information can help law enforcement track down the people responsible for the crime. At the same time, you gain valuable data that you can use to prevent more attacks. — John Brackett, Smash Balloon LLC
5. Engage an Expert
The first step a company should take after being hit with a cyberattack is to engage a computer forensic investigator to determine the extent of the damage and how best to address it. A good investigator will be able to gather and verify evidence, analyze it and then recommend the best course of action for your business. — Syed Balkhi, WPBeginner
6. Conduct a Damage Assessment
The first step you should take after being hit with a cyberattack is to conduct a damage assessment to determine the extent of the breach. This assessment should include a review of all systems and data that may have been affected by the attack. Once you have assessed the damage, you can then develop a plan to remediate and prevent future attacks right away. — Blair Williams, MemberPress
7. Prevent Additional Damage
If your company has been hit by a cyberattack, your first step should be to prevent any possible additional damage, and you can find several ways of doing that. For example, you can reroute your network traffic, filter it or block it altogether. You can isolate the network whose security has been compromised. This action will prevent further damage and keep the unattacked parts safe. — Josh Kohlbach, Wholesale Suite
8. Contact Your Customers
After a cyberattack, you should reach out to the people who may have been affected. Contacting customers and letting them know that they need to change their passwords right away doesn’t feel good, but it’s a necessary step. Plus, you don’t want to wait and explain the situation to your customers after the fact. — John Turner, SeedProd LLC
9. Educate Your Staff
Despite all the precautions and extra protections, without appropriate knowledge about cybersecurity, someone from the team will still make a mistake. So, everyone in your company should know basic things about cybercrime and how to avoid it. If possible, scan and check everyone’s files and laptops to see if they have been infected or if there are things that should be deleted. — Daisy Jing, Banish