Advice from Security Consultant

January 10, 2017

My cyber security advice to any IT team I have ever work with is to always plan for the worst  but hope for the best. To some it might sound realistic and to others it might also sound superstitious. We know that It’s too late to start to deal with a cyber attack once it happens and that is why it’s absolutely important to implement a cyber crime crisis management plan that you can deploy immediately after a cyber attack to secure your network, limit the damage and begin the recovery process.


Skilled and vast cyber security professionals in crisis management are to be put in place to mitigate post-cyber attack fallout to a bare minimal. The evolving standard of today’s new tools and  technology dictate the dynamic and systematic changes in cyber security, as such cyber security professionals and users should be kept abreast of these changes. As soon as the attack happens, a response team made up of representatives from all relevant business units such as your operations, communications, and IT departments should immediately follow all clearly defined roles and an action plan to follow to stop, remediate, escalate and investigate the attack. This is called the Mobilization of the Response Team.


In order to understand the source of the breach, its breadth, and its impact, you must identify the attack types you are facing and this will enable you to implement the most effective action plan. These attacks can come from different attackers such as, a social engineering attack where a hacker has obtained access information from an employee. You consult the employee to identify exactly what information was compromised. Maybe the attacker is a disgruntled employee, make every effort to identify the level of network access they are likely to have and what their motives might be.


Next step will be to secure the network and prevent further data theft or other damages. This can be accomplished by taking the entire system offline, implementing temporary firewalls, isolating part of your network, asking your internet service provider to block traffic to your website or taking other preventive measure to stop the attack.


Finally, report the incident to appropriate Law enforcement authorities and stake holders and investigate the incident andreport  to the United States Secret Service Electronic Crimes Task Force, or the Internet Crime Complaint Center. If the attack involved identity theft, you can report it to the Federal Trade Commission. Look for a way to manage the story and rebuild customers’ relationship.




Cyber Security (2018) Retrieved October 4, 2018 from


Rossi, B., (2015) Cyber Attacks. Retrieved October 5, 2018 from





Please reload

Featured Posts

According to Cisco, Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed...

The Practice of Cyber Security is based on People, Processes, and Controls Technology.

May 10, 2018

Please reload

Recent Posts
Please reload

Please reload

Search By Tags
Please reload

Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square

(919) 746-5011