Having a recovery plan created before an attack occurs is critical. Make and practice an incident response plan to contain an attack or incident and maintain business operations in the short term.
Even when we take all the precautions we can, incidents can still happen. Being prepared to respond in a thoughtful and comprehensive manner will reduce risks to your business and send a positive signal to your customers and employees.
The good news is, preparing to respond to a cyber incident is in not unlike preparing for other events that could impact your business like natural or manmade disasters. Building your cyber incident response can tap your other operational knowledge and experience.
Quick Wins
- Disconnect the affected computer(s) from the network and connect with IT leadership (Whether that’s internal to your organization or a third party vendor), law enforcement and your legal representation.
- Utilize spares and backup while continuing to capture operational data.
- Switch to paper. Are electronic records unavailable? Have processes for operating by paper to keep the business functioning. You need to understand how you would access some key information if your systems were down.
- Familiarize yourself with your state’s data breach notification law.
Additional Resources
AT&T
Federal Bureau of Investigation
Federal Communications Commission (FCC)
Federal Trade Commission (FTC)
- FTC Complaint Assistant helps you file a complaint, whether you’re reporting identity theft, a scam, unwanted messages, credit and debt issues or another concern.
- IdentityTheft.gov can help you report and recover from identity theft.
- Data Breach Response Guide
- Actions Steps to Take Immediately After a Hack is Identified
National Conference of State Legislatures
U.S. Department of Homeland Security