Even if you think that your company is completely safe and can never be hacked, you’re probably wrong. Thousands of businesses experience security breaches every day, and it’s most likely only a matter of time until your company becomes one of them, unless you put a lot of effort into cybersecurity, of course. But if your company has already been hacked, here’s what you should do, step by step:
Keep all evidence of the hack and act quickly
Even though you might be tempted to clean up the mess and erase evidence of the security breach, you shouldn’t: that evidence will help your response team deal with the attack and can even serve as evidence in court. Instead, have an incident response team ready to go in case of a hack. Once you suspect there has been a security breach, it’s important for them to react as soon as possible, as even a few minutes can save you thousands of dollars. For instance, if an employee has fallen victim to phishing, you can inform the rest of your company to prevent additional breaches.
Contain the security breach if your company is hacked
Once you identify and verify the breach, you may be inclined to shut down your entire network until the issue has been dealt with. However, this can cause you major financial and reputational damage if your operations are shut down entirely. Instead, have your incident response team identify affected devices or applications and quarantine them to prevent malware from spreading. It’s also important to check for any backdoors that hackers may have created in your system to keep access to it even after the breach has been identified.
Take time to recover after your business has been hacked
While you may want to quickly remedy the aftermath of the security breach and spring back into action, it is important to take time to thoroughly clean your systems and computers. One of the first steps you should take is cleaning all affected devices and restoring the most recent backup made before your computers were hacked or infected with malware. You should also change all passwords that hackers may have gained access to, as well as all the passwords that are used company-wide.
Disclose the hack
Even though quietly cleaning up the result of a security breach can seem like a good idea at first, depending on your field, you may be required to disclose the security breach to law enforcement and to various regulatory agencies. It’s also a good idea to consider disclosing the breach to your clients, suppliers and other stakeholders, as it’s always better to come clean and control the narrative than to have your breach exposed in an unpleasant manner by someone else.