You’ve Been Breached, Now What?


Cyber attacks on all businesses, but particularly small to medium-sized businesses, are becoming more frequent, targeted, and complex. As many as 43% of cyber attacks are aimed at small businesses, but only 14% of those businesses are prepared to defend themselves. So you’ve been breached, now what? Whether hackers took personal information from your corporate server, an insider stole customer information, or information was inadvertently exposed on your company’s website, avoiding catastrophic losses means you need to act quickly and thoroughly.

  1. Stop the Bleed. You will need to move quickly to secure your systems and fix the vulnerabilities that may have caused the breach. Deploy your response team, which will help determine the source and scope of the breach, collect forensic evidence, and outline remediation steps. Check your network segmentation to determine whether the breach was contained to a single server. Update all user passwords. Take all affected equipment offline immediately, but do not turn it off: powering a machine down destroys the evidence held in its memory.
  2. Gauge your legal exposure. Identify the types of information compromised and consult with legal experts who can advise on the federal and state laws that may be implicated by a breach. If you’re covered by the Health Breach Notification Rule, you must notify the FTC, and in some cases, the media. If you’re covered by the HIPAA Breach Notification Rule, you must notify the Secretary of the U.S. Department of Health and Human Services.
  3. Notify, notify, notify. Designate one person to release information and to craft appropriate, legally sound breach notices. Call your local police department immediately to report the situation and the potential risk of identity theft. If account access information (like credit card or bank account data) has been stolen, but you do not maintain those accounts, notify the institution that does so it can monitor the accounts for fraudulent activity. If you collect or store personal information on behalf of other businesses, notify them of the data breach. Consider offering free credit monitoring to individuals whose personal information may have been compromised, and refer them to FTC help.
  4. Learn from your mistakes. Review your cyber security posture, including alert, prevention, and response systems and procedures. A Managed Security Services Provider (MSSP) can help you develop and implement a strong cyber security posture. Get started with a free self-assessment.