The First Steps In Handling A Network Breach
Top of Form
The first steps that your company takes after determining that its network has been breached can make the difference between quick containment and a building situation that increases in cost and damage by the minute. Here are the first steps to take if you are advised that your network has been breached.
* Recognize the situation for what it is – A network breach has to be handled as quickly and objectively as possible to minimize potential damage. This means that denial or panic will only make matters worse and delay the successful implementation of a solution. Clear your head and start the process of mitigating the breach.
* Shut down access to your network from mobile devices and computers to start the process of isolating the breach – Generally speaking, shutting down the network will freeze the attack in place and prevent deeper and wider access into the network while also preventing the outbound transmission of information and/or data.
* Bring in the professionals – Considering the growing sophistication of cyber attacks, you’ll want to supplement your internal IT team with expertise specific to the type of attack. The areas of focus from outsourced professionals will include the determination of the point of entry, whether “back doors” have been installed to allow access in the future, collecting forensic information, repairing damage, and restoring systems.
* Notifying customers and authorities if personal or financial information was accessed during the breach – States, agencies, and industries have disclosure notification protocols when customer information is accessed in a network breach. Depending on the scale of the breach you may also want to retain counsel to ensure that your business covers all related legalities.
* Fix the network weaknesses that enabled the breach – If a successful breach has occurred, you can bet that the attackers will return at some point in the future to try again. The first thing they will likely test will be the vulnerability that enabled access the first time around.
Network breaches require an immediate and efficient response. By taking these steps first, you can minimize damage and get back to running your business as quickly as possible.
The first steps that your company takes after determining that its network has been breached can make the difference between quick containment and a building situation that increases in cost and damage by the minute. Here are the first steps to take if you are advised that your network has been breached.
* Recognize the situation for what it is – A network breach has to be handled as quickly and objectively as possible to minimize potential damage. This means that denial or panic will only make matters worse and delay the successful implementation of a solution. Clear your head and start the process of mitigating the breach.
* Shut down access to your network from mobile devices and computers to start the process of isolating the breach – Generally speaking, shutting down the network will freeze the attack in place and prevent deeper and wider access into the network while also preventing the outbound transmission of information and/or data.
* Bring in the professionals – Considering the growing sophistication of cyber attacks, you’ll want to supplement your internal IT team with expertise specific to the type of attack. The areas of focus from outsourced professionals will include the determination of the point of entry, whether “back doors” have been installed to allow access in the future, collecting forensic information, repairing damage, and restoring systems.
* Notifying customers and authorities if personal or financial information was accessed during the breach – States, agencies, and industries have disclosure notification protocols when customer information is accessed in a network breach. Depending on the scale of the breach you may also want to retain counsel to ensure that your business covers all related legalities.
* Fix the network weaknesses that enabled the breach – If a successful breach has occurred, you can bet that the attackers will return at some point in the future to try again. The first thing they will likely test will be the vulnerability that enabled access the first time around.
Network breaches require an immediate and efficient response. By taking these steps first, you can minimize damage and get back to running your business as quickly as possible.
Source...