In our last installment, we looked at how to set up a plan for your small business to help prevent cyber-criminals from attacking you. But that isn’t the end of the planning that you need to take as a small business owner and operator. Almost half of all businesses have no response plan once an attack has been made against them. Every second after a cyber attack is critical and it is important to have a rapid-response plan in place to protect both you and your customers and clients. Here are the steps involved in handling a security breach:
- Notify the proper authorities. If there is any type of breach in your security, be it a physical breach (such as a burglary or theft), a network breach or data breach, the first step is to notify law enforcement. If the breach involved personal information from customers or clients, you should also immediately notify them so that they can take necessary precautions (such as canceling credit cards and the like).
- Work together to contain the problem. Once a breach is discovered, this is not the time to assess blame and start pointing fingers. Instead, your company should come together and do everything to contain the problem, including seeking outside help from security professionals or law enforcement.
- Start the recovery. If the security breach involves your network, begin removing all malware or spyware from your system. Take out any “backdoors” which might allow a criminal to have later access to your system. This may involve wiping all of your storage media and restoring data from back-ups, which is why it is important that your IT department keep backups of this data and also be prepared for the labor-intensive task of performing such a wipe and reinstall.
- Have a follow-up meeting with all staff. Once the threat has passed, it is important for all parties involved to sit down and have a “lessons learned” meeting regarding what went wrong, how it was solved, and what can be done in the future to prevent the same kind of attack from occurring. Moreover, the meeting should also include brainstorming to discuss proactive ways that the staff can anticipate future attacks and “head them off at the pass” before they become legitimate threats.
The government’s new “Stop. Think. Connect” initiative is designed to help increase awareness among citizens of the threat of cybercrimes and to help them realize that the ability to prevent these crimes lies in their hands. Just like during World War II when the government encouraged us all to do our part in the war effort, today it is equally important that we all take responsibility to do our part to help stop crime and international terrorism as it takes on a new form in cyberspace.