When you realise that your business has been successfully hacked, a lot of questions run through your mind.
- How were we hacked?
- Why were we hacked?
- Did they steal our data?
- What happens next?
- Are we going to be in financial or legal trouble?
If you haven’t dealt with the consequences of being hacked before, it can be a confusing and frightening experience.
The outcomes can range from offering compensation to those affected, receiving a regulatory fine, improving your cyber security systems, or none of the above. It all depends on your specific circumstances.
In this blog, we are going to discuss what you should do when you realise that your business has been hacked. If you don’t have a cyber security partner, the following steps are vital to containing the damage and following proper protocol. If you do have a cyber security partner, this will differ, but we will cover that too.
Contain the damage
Before doing anything, you need to contain the damage that the cyber-attack has caused. Immediately conduct a full antivirus and antimalware scan on every device possible. In many instances, this will locate the cause of the breach and prevent any further damage from being caused.
Unfortunately, if the attack was more insidious, a different approach will be required. For example, day zero or insider attackers can be much more difficult to contain. If you’re unsure, the best thing to do is to contact a cyber security expert, like Wizard Cyber.
Alert your web host
Almost all cyber-attacks will impact your website in some way. Even if you think it hasn’t, you must contact your web host and inform them of the situation.
They will ask you for as much information as you can provide and will offer assistance and recommendations. Alerting them enables them to place extra protection on your hosting presence and alert you of any unusual behaviour.
Inform customers
For smaller businesses, there’s an inclination to try and solve the problem before informing customers about a breach. Don’t do this. Customers will notice and the problem will become worse if you remain radio silent about it.
As soon as you know what has happened, contact your customers through email, social media and, if possible, SMS/WhatsApp. Let them know what has occurred and what type of information has been compromised, as well as what you are doing to resolve the issue.
This transparency and honesty will help to mitigate the reputational damage you may suffer and allow your customers to take their own measures to protect their data.
Seek legal advice
Once you know what’s happened, it’s important to seek legal advice. Data protection, breaches, and hacking laws are constantly evolving and changing, depending on where your business is based around the world.
By speaking to a legal expert, you can find out how liable you are, whether you owe compensation to those affected, and what steps you should take to ensure you are compliant with all of the necessary laws and regulations in the future.
Upgrade your cyber security
After you are a victim of a cyber-attack, it’s vital that you take stock of your situation. Identify where your cyber security system went wrong and be proactive in improving it for the future.
Don’t just target the areas that caused the data breach. Endeavour to put in place cyber security procedures and systems that will protect your entire business. The rate at which cybercrime is evolving, you need to protect as much of your business as you possibly can to lower your risk of being a victim again.
If you aren’t sure how to go about this process, then…
Consult your cyber security partner
It’s time to speak to an expert. A cyber security provider, like Wizard Cyber, can help you in a variety of ways. From assessing your existing security state to diagnosing problems and implementing a complete cyber security system.
Wizard Cyber specialise in cyber security for SMEs, meaning that we provide systems and support designed specifically for smaller businesses. Rather than offering off-the-shelf products, we work with you to create a cyber security solution that protects your entire business.
If you don’t have the expertise in-house, this is the best solution to ensure you are protected in the future. It also provides peace of mind for not only your business but your customers as well.
Interested in finding out more about Wizard Cyber’s cyber security services for SMEs? Get in touch with us today. Our cyber security experts will be happy to discuss your requirements, provide advice and guidance, and answer any questions you might have.
