Even though it might have been devastating to your systems, employee morale and customer confidence, if your company is hit by a cyber attack, how you approach your recovery can make all of the difference. First, don't panic. Instead, focus your energy on taking back control of your network and protecting the business from loss. This is important because rash, random decisions could be irreversible, and could actually help the attacker. Secondly, seek guidance from legal counsel, business managers, human resources, public relations and the IT department. Third, make an investigative plan that includes points of contact, identification of the assets you most want to protect, business goals, and the detailed technical steps you plan to use to reclaim your compromised network. Your response plan should be provide guidance and structure around your actual response to minimize mistakes and costly downtime. This involves investigating the incidence, making a remediation plan, remediating the incident, and following up on the remediation plan to make sure it was implemented properly. And keep your goal right in front of you. Don't continue to spin your wheels on investigative steps, such as trying to identify the attacker, if it does not further your primary goals. Afterwards, fine-tune your response policy for future incidences.
Read more about recovering from a cyber attack:
- read the article at Optimize
