Criminals act fast and encourage panic to achieve their objectives. An Incident Response Plan will keep you organised and in control during a pressure situation. Timely decision making is essential during a cyber attack.
Similarly to fire drills, you should prepare for the worst-case scenario; review and practice the plan to identify gaps and be confident that it will be fit for purpose. Our advice on how to manage a Ransomware breach can be found HERE
Recognise what you are up against to plan your approach effectively, with the help of your incident response plan. Continue to examine the attack, you may need to re-evaluate your tactics.
When safe to do so and after careful analysis, launch measures that will reduce the impact of the threat, technically (such as isolating systems) and non-technically (such as media communications).
Remove the threat and examine its success. Once certain it no longer poses a problem, only then should you start the recovery phase. You may have to repeat other steps of the process before full remediation is achieved.
At this stage you have confirmed the threat has gone and clean systems can be installed. Clean data backups can be recovered if needed, for business to resume as usual.
Following an incident, review lessons learned and document improvements in your incident response plan. Be aware of any secondary attacks, while you recover and you move forward.
Cyber Protection Advice Blogs
Exercise in a Box
Exercise in a Box is an online tool from the National Cyber Security Centre which helps organisations test and practise their response to a cyber attack. It is completely free and you don’t have to be an expert to use it.
Would you be ready?
Business in the Community founded by HRH The Prince of Wales, has produced a Readiness Test that can help your business become more resilient to common risks such as cyber attacks or extreme weather!
Social Engineering Audio Story
This social engineering audio story from RESILIA Frontline is one of a series of 15 audio stories designed to engage colleagues through real-life incidents and to provide simple, practical guidance for how to avoid being a victim.
An animated video from the Metropolitan Police on how to keep safe online.