What to do when your security is breached #FAQFriday
Happy Friday everybody.
It’s #FAQFriday live from my office in the Lake District.
And this week’s frequently asked questions this Friday is all about what to do after a cyber attack.
I know last week we mentioned what to do to keep yourself cyber safe. But this week, we’re actually discussing what to do in the event that have been under a cyber attack.
So, if you have, you’ve got to confirm the breach. Be really clear, and contact your IT provider or your social media provider and say that you have been under attack, that you’ve received a cyber attack, and also identify whether your information/data has been compromised, because that’s really important, especially for the ICO, the Information Commissioner’s Office, and GDPR; that is vitally important. So, you’ve got to do that straightaway.
Identify the type of attack that you’re potentially under, whether it’s a virus, a phishing, scam, a ransomware, attack, malware attack, spyware or Trojan. Also look at the location of the cyber attack, it’ll help your cybersecurity specialists repair the breach really fast; that is crucial.
Obviously, know what confirmed the breach and know whether you’ve actually been put into a compromised situation.
So, identify the type of attack and then contain the cyber security breach, do not let it keep running. Do not put your head under. under a pillow, don’t ignore it, then contain it. Get your cyber security specialists on to the case straightaway.
And you’ve got to then determine which servers or devices have been compromised, whether it’s your social media, whether it’s your business, whether it’s your data; whatever it is. And then contain it as quickly as possible to ensure that the services and devices won’t also be infected further on or infect anyone else.
So you can disconnect, your internet immediately. Disable any remote access, that’s vital. Maintain your firewall settings, obviously, we’ve got two, three and four factor authentication.
Make sure that you go on and change your passwords straightaway. That’s really important.
Make sure all your security is up to date and install any outstanding security updates. When you turn your devices off, it tends to update for you.
Then assess and repair the security breach damage. It’s important to access and assess and repair any breach as quickly as possible. You’ll need to determine where the cause was, where it all came from. Find out so you can make sure that you prevent the same kind of attack from happening in the future.
And make sure that your team are aware, don’t hide it; don’t pretend it’s not happening. It’s really important that you are clear with the security breach and then report the attack.
Once the attack has been contained, it’s essential to report it to Action Fraud. Also, if you have any personal data that has been compromised, that’s been breached, then under the GDPR businesses are required to contact the Information Commissioner’s Office and inform any customers who’s data has been involved in the breach. Communicate clearly and inform your team.
Your customers need to be notified immediately, especially if the attack the attack has impacted on your customers data, and work with your PR team to decide the best way to communicate the breach. Be clear, be honest, be transparent, because it’s more important to do that than to hide and then get found out later.
Educate your staff, train and develop your staff, and create a Cyber Security Plan so that it doesn’t happen again in the future.
Learn from the experience actually communicate what happened, and how it happened by putting security measures in place to reduce and limit any future cyber attacks.
The amount of people I know, who have similar passwords throughout the whole of the organisation. And it could be ‘hello’ or ‘1234’, etc. You can’t do that.
So you’ve got to be really clear how to protect your business from a cyber attack, now and in the future.
You’ve obviously got to mitigate cyber attacks, and data breaches. So it’s really, really crucial to have a Cyber Strategy, a plan and to understand it. To have the knowledge of why the reason why and how to implement it. And then you can protect yourselves from cyber attack by planning effectively to mitigate the risk and, and have a real community plan.
Review your own skills and knowledge, and determine if you need outside help, outside security.
Review any potential threats and risks, which may affect your business and do a risk assessment.
Be aware of the possible data entry points and potential weaknesses that you’ve got within your organisation and carry out a penetration test and risk risk assessment which can identify any weak entry points to a system, network or website. There is a lot of help out there. There’s a lot of cybersecurity advisors out there.
It’s really important that you take note, prevention is more key than responding to it, and and reacting.
So, prevention is the king rather than reaction. Prevent, detect and respond to security threats, install your antivirus on all systems and keep them up to date. Keep your software browsers up to date and really build your resilience in your business.
Restrict any third party, any staff accessing your IT equipment. And I know it’s difficult, because so many people are working from home remotely. But really look at when you when you’ve got the servers how how safe are you and are they going into a public place and actually using their computers where it’s it’s it’s accessible from all areas, in a cafe or a restaurant or bar etc, or a public hot desking.
So really be be mindful of firewalls, proxies, access lists, etc. and maintain an inventory of all your IT equipment and software. And make sure you identify where the potential cyber risks can happen.
So I hope that’s helped. As always, it’s alison@ajlakes, and we’re here to help and support you for all your business hospitality strategies and planning and making sure that your business is successfully and sustainably running in the right direction.
So give me a shout if you’ve got any questions on this, and good luck and be cyber safe. Remember to not be reactive, but definitely prevention is key prevention plan and proceed with caution.
So I hope that’s helped and supported you Happy Friday, everybody and happy weekend.
Take care. Bye bye
