What to do in the event of a cybersecurity breach

Video Resource

Whether you are a victim of a cybersecurity breach or are concerned about the impact of cyber crime on your business this video breaks down our advice for what to do in the event of a breach.

Find out more about ramsac’s cybersecurity services

This video will break down our advice for what to do immediately, in the aftermath and once the dust has settled.

Immediate Actions

The first thing you should do is:

  • Raise the alarm – the faster the alarm is raised and your staff get help, the smaller the impact, you should contact your IT department or provider and immediately disconnect infected devices from your network to minimise the spread.
  • Communication is key – let your employees know as soon as possible to ensure they are aware of the breach and what action they should be taking (if any).

Next steps

  • Do some detective work – Once the immediate risk of spreading has been removed, it is time to find out what has happened and how.
  • It is vital you clean infected machines completely while they are still isolated and then scan all systems with extra anti-malware products.
  • Call the ICO, police, your insurance, and your bank as necessary, after all you are the victim of a crime and it needs to be reported.

Once the dust has settled

  • Debrief and analyse the breach – What happened, how and why how can we stop it happening again?
  • Take ownership of the situation- As well as reporting breaches to the ICO, you should make everyone whose data may have been comprised aware of the breach.

Prevention is always better than a cure – so how do you prevent yourself falling victim again?

Our advice is

  • Improve your technical defences
  • Cybersecurity awareness training for all employees and
  • Backup your systems regularly