My cyber security advice to any IT team I have ever worked with is to always plan for the worst but hope for the best. To some it might sound realistic and to others it might sound superstitious. We know that it’s too late to start dealing with a cyber attack once it happens, and that is why it’s absolutely important to implement a cyber crime crisis management plan that you can deploy immediately after a cyber attack to secure your network, limit the damage and begin the recovery process.
Skilled and experienced cyber security professionals in crisis management should be put in place to keep post-attack fallout to a bare minimum. The evolving standard of today’s new tools and technology dictates dynamic and systematic changes in cyber security; as such, cyber security professionals and users should be kept abreast of these changes. As soon as the attack happens, a response team made up of representatives from all relevant business units, such as your operations, communications, and IT departments, should immediately follow its clearly defined roles and action plan to stop, remediate, escalate and investigate the attack. This is called the Mobilization of the Response Team.
In order to understand the source of the breach, its breadth, and its impact, you must identify the attack types you are facing; this will enable you to implement the most effective action plan. These attacks can come from different attackers. One example is a social engineering attack where a hacker has obtained access information from an employee; in that case, you consult the employee to identify exactly what information was compromised. If the attacker may be a disgruntled employee, make every effort to identify the level of network access they are likely to have and what their motives might be.
The next step is to secure the network and prevent further data theft or other damage. This can be accomplished by taking the entire system offline, implementing temporary firewalls, isolating part of your network, asking your internet service provider to block traffic to your website, or taking other preventive measures to stop the attack.
Finally, report the incident to the appropriate law enforcement authorities and stakeholders, investigate the incident, and report it to the United States Secret Service Electronic Crimes Task Force or the Internet Crime Complaint Center. If the attack involved identity theft, you can report it to the Federal Trade Commission. Look for a way to manage the story and rebuild customer relationships.