What To Do When Your Organization Has Been Breached?
So, what happens when your organization suffers from some kind of breach such as encryption theft or destruction?
Does your organization have data backups or an incident response plan?
If you already have an organization with a strong cybersecurity background, contact them immediately and follow their lead.
Since its too late for an incident response plan, let’s talk about what you can and should do if you don’t have one.
If you’re on your own, here are some steps you can follow but I want to be clear, these steps are if you don’t have an experienced party working with you at the moment (like…um…Simplex-IT, maybe?). And absolutely document, document, document what you’re doing!
But there are 4 focused steps:
First, stop the bleeding, if you can. Get the best team you can together (both business and tech) and figure out how (ie credentials, network segmentation) you could slow things down.
Second is get an idea of what the exposure is. What types of data has been compromised (and how).
Third, notify. Start sharing the bad news. This includes law enforcement. And try to identify a single person to traffic information.
Fourth, time to learn. What happened? How could it have been prevented?
If we can help please contact us here!