We’ve said it before and we keep on saying it: in this digital day and age, you shouldn’t ask yourself IF you’ll be hacked, but WHEN. This is why we’re going to tell you in a series of blogs what should be done (and by whom) to deal with the consequences of a cyber-attack. This is the first blog, so let’s get to it.
Step 1: What the hack?!
Determining if you’re dealing with a cyberattack is crucial even if there’s just the slightest hint of a hack. Time is of the essence here, so it's up to the Online Security and Development/IT department to act quickly. Detecting a cyber-attack as early as possible is vital. The faster the hack can be identified and contained, the lower the costs to deal with the consequences (Ponemon Institute, 2018).
Development, IT, management.
Survival Tip: Minimise the risk
The best thing you can and should do is minimise the risk of a hack. Don’t just rely on IT to safeguard your company or organisation, but - if it’s your concern - get involved and make sure your cybersecurity is on par. We can help you with this, explore our website and/or download our brochure to learn what we can do to protect your business.
Step 2: Mobilize the Incident Response Team (IRT)
After confirmation of a hack, the so-called ‘golden hour’ begins - a period in which every single minute counts. Your first concern should be to call the IRT, a dedicated (in-house or external) team trained to deal with cybersecurity incidents. The IRT should have a predefined response plan for this kind of incident and is responsible for resolving the attack and informing management, marketing/PR, finance and the board. Having an IRT on stand-by makes as huge difference in reducing the costs of a cyberattack.
IRT, development, management, marketing/PR, finance, the board.
Survival Tip: Tippy toes and rubber gloves
Think of a digital crime scene as you would a physical crime scene: trampling evidence or cleaning things up can make forensic tasks difficult, if not impossible. So, don’t forget to secure the digital crime scene and preserve evidence before the IRT goes to work.
That’s it for now, stay tuned for the next blog containing more valuable information about the next steps in surviving a cyber-attack. In the meanwhile, we suggest you read our other blogs, explore the website and/or download our brochure. Or leave us a contact request so we can get in touch with you. Cheers!
Zero Days of Love ♥️ | our CTO explains CDI pipelines and his role in OWASP. If you’re interested...
Written by Zerocopter
May 10, 2021
Share this blog: