The steps a business owner takes after a cyber attack can have a big impact on the company’s reputation, continued survival and bottom line. Just like business owners create business continuity plans after a disaster or emergency, they should also have a plan for what to do after a cyber attack or security breach.
Monte Robertson, CEO of Software Security Solutions, warned that most cyber attacks today are designed not to be noticed.
“Once you recognize that there has been an attack, review your security software logs to determine whether the attack used known or unknown malware and through which workstation or workstations the malware entered the network,” Robertson advised. He also urged business owners to disconnect the vulnerable workstations from the network and thoroughly clean the malware out of them and then restore damaged files using backups.
If the cyber attack involves compromised customer data, business owners also have a legal obligation to notify their customers. Tim Hogan, head of elite services at business, financial and insurance services provider Alper Services, advised that business owners check their state’s privacy laws to determine their legal obligation regarding reporting customer data breaches. He added, “If you do business across state lines, you must also comply with the laws of every state you operate in.”
Karen Kessler, partner at public relations firm Evergreen Partners, warned, “If data from customers has been compromised, it is critical to reach out immediately and share what has happened, reassuring that there are systems in place to limit the extent of the damage.” Kessler advised that this communication not be done via e-mail. “There should also be some calls made and personal visits to key clients, “she said, “Reassure, reassure, reassure.”
After a cyber attack business owners also need to reassess their company's security policies. Minda Zetlin, co-author of “The Geek Gap: Why Business and Technology Professionals Don't Understand Each Other and Why They Need Each Other To Survive”, suggested business owners analyze how the mistake was made.
“Make sure people in your company are aware of how security can be breached inadvertently by them,” said Zetlin, “The ways in which employees can breach their own technology is infinite so they need to be really conscious of what types of information they are sharing.”
Security breaches that happen from within a company often impact employee morale warned Zetlin. “People in the company are likely to feel betrayed,” she said, “In this case a business owner needs to communicate with their tech people and employees about what happened and what to watch out for in the future.”