Author : admin | Monday, 14 October 2019
How to Respond to a Cyber Attack? Now that you are informed about the right tools to detect a threat, it’s time to plan your response strategy. Response cannot be delayed, and must be a very fast counter action on the treat is detected in a flash. Why?
The Clock Is Ticking When a Threat Is Detected
Don’t wait for a hacker to strike before developing your incident response plan. For smaller manufacturers, even a small security breach can have an immense impact on their operations. Taking action straightaway will empower you to better contain or lessen the impact of a cyber attack.
Develop a Plan for Information Security Incidents
When developing your response strategy, think the immediate actions you and your employees will need to take in case of an incident. Your response plan should include:
Roles and Responsibilities
- Who: Make a list of who to call in the case of an incident. It is important you understand who will make the decision to initiate recovery procedures and who will be the key contact with appropriate law enforcement personnel.
- What: Ensure That you have a plan for what to do with your data just in case of an incident. This may perhaps include shutting down or locking your computer systems, moving your information to a backup site, and/or physically getting rid of important documents and sensitive materials.
- When: Determine when to alert senior management, emergency personnel, cybersecurity professionals, legal council, service providers, or insurance providers. Make sure to include all relevant contact information.
- Type: Your response plan should explain the sorts of activities that constitute an information security incident. Include incidents such as your website being down for more than a specified length of time or evidence of information theft.
Know Your Notification Obligations
Be aware that many states and countries have notification laws that require businesses to alert customers if there is a chance their information was stolen, disclosed, or otherwise lost. Acquaint yourself with international, state, and local laws regarding notification obligations and include that information in your response plan.
Further include guidelines on when to notify appropriate authorities. You should contact your local police to file a report whenever there is a possibility that any personal information, intellectual property, or other sensitive information was compromised. Just remember, you and your employees should fully understand your role in your cybersecurity response plan. Develop procedures for each job role that describe exactly what the employee is required to do if there is a cybersecurity incident. When everyone understands their role in your response plan, you can act quickly and mitigate the potential damage.