Companies are becoming more diligent about safeguarding their data in order to prevent an attack from a hacker or other type of threat. This is definitely a smart move in today’s technology-centric environment. Preventative measures can go a long way to help mitigate the problems that will arise from a successful hacking event. However, in the event your organization does get hacked, here are 5 cyber security tips that can help you handle the event and get your company back up and running as quickly as possible.
1. Pull the Plug
For those that have a hacked on-site server, unplugging it will prevent it from further infecting anything else. For those who use cloud-based servers, disassociate completely from the infected server and then turn it off. This is a good test as to whether or not mission-critical functions for your organization were properly separated from each other.
2. Restore a Backup
The fastest way to recover from a hack is to restore previous data and software from a point in time when you know that your systems were clean. Restoring to a previous point is much less time-consuming than re-configuring everything by hand. Those organizations who have made it a priority to run regular backups will fare better than those who treated backups as an afterthought.
3. Investigate the Hack
IT staff can now investigate as to who conducted the attack and where and how it was accomplished. Contact all users to determine whether a phishing attack was part of the hack as well. Your IT staff should create a list of any affected files and check log files to determine when the breach occurred, although it is possible even log files may have been compromised. Again, this is another test as to whether an organization’s ability to quickly notify users is capable or not.
4. Be Upfront with Stakeholders
It is best to be forthcoming to all those affected by a hack. Doing so may very well help mitigate the problems stemming the breach. Users will also appreciate the honesty and integrity presented by your organization while being the bearer of bad news.
5. Evaluate and take Corrective Action
Once you’ve recovered from an attack, now is the time to review what went wrong and what helped to recover more quickly. IT staff can deliver a plan that will correct any obvious security leaks and outline the steps needed to recover even more quickly and with minimal damage in the event of a future attack. Storing log files on a separate server, applying patches and updates diligently, and training employees on good work practices that promote cyber security are just some of the things that might prevent another breach or at least help in recovery.