Cybersecurity Breach? Here’s What to do.

Written By Tom Kelly

“Hacked”, “Breach”, “Cyberattack” “Held for Ransom”, what ever you want to call it, here’s what to do.

There’s a ton of statistics showing that shorter the incident lifecycle, the less costly it’ll be. A quick response can make all the difference.

Here are steps to consider taking:

  • Contain the Infection: disconnect systems from the internet and/or company network. Change credentials.

  • Change Credentials: On a different computer, that you do not suspect is infected, change credentials to accounts.

  • PRESERVE EVIDENCE. Do not unplug or turn off systems. Do not delete anything. This is for legal and security reasons.

  • Inform leadership & Stakeholders. Leadership should communicate procedures and set expectations.

  • Contact your Cyber Insurance Provider, if you have one.

  • Get professional help. We can investigate and document, contain and eliminate the compromise. They can prevent the response from being a game of “whack-a-mole”.

We are Here to Help.

We are Incident Response (IR) professionals know the ins and outs of cybersecurity incidents; we have experience helping companies and consumers recover from cybersecurity incidents. We help reduce the incident life cycle and prevent costly mistakes.

Tom Kelly
Previous

What to Do After a Wire Fraud Incident: A Step-by-Step Guide
Next

Should You Pay the Ransom?