Nearly half of UK businesses fell victim to a cybersecurity attack or data breach in the last year.
You should already have a process in place for what happens if you identify a breach. That should include whether to report it to the ICO under GDPR rules, recovering data and securing your systems, and how to communicate with staff, suppliers and customers. It should not, however, contain any of the following things – the things that all too often companies end up doing:
Don’t go quiet
Staying silent just isn’t worth the risk. Chances are, eventually the word will get out to your wider staff, customers and supply chain. You want to get ahead of the conversation by having a plan for how you’ll communicate if an incident happens. Your messaging should include what’s been accessed, what you’ve done to remedy the situation, and what you’ll do to make sure nothing similar happens in future.
Staff may face questions and be door-stepped by your contacts or the press. Get on top of the situation by communicating clearly, and have a plan ready now for who you’ll tell and how, depending on the scope of the attack.
Don’t ignore your customers
If your customers experience a difference in service, make sure you focus on handling customer service enquiries as a priority. Ignore them at your peril; a loss of customer confidence can quickly turn a data breach into the downfall of your business.
Take a big corporate example. When Equifax had a very public data breach, they made the mistake of trying to convince customers not to sue by offering a free year of credit reporting. They even attempted to charge affected customers extra to have their credit reports frozen. They should have put the customer first and offered unconditional credit reporting, perhaps free, for a good time period to emphasise their commitment to keeping customer data safe. That makes even more sense now that we’ve seen fake compensation websites spring to target Equifax customers.
Don’t deviate from the plan
In a crisis, it can be tempting to let instinct take over and begin rectifying the situation. It sounds logical to boost your endpoint protection to prevent further attacks, or restore previous backups to cover the entry point used by the attackers. But beware; hasty decisions without a clear strategy can make the situation worse.
A crucial part of any incident response plan is preparation. Map out who to contact and store them separately, as well as in hard copy in case of a serious breach. When the worst does happen, the last thing you want to be doing is working out who’s responsible for what, and how to respond.
The first step in your plan should be to identify the likely source of the breach – ransomware, malware, an open firewall, outdated software, or simple human error, for instance. Then, you need to isolate that area of your network and make sure you restore overall data security. And don’t be afraid to ask for help: a third-party security specialist should help you investigate and restore network integrity.
It pays to be prepared when it comes to handling your business’ cybersecurity. That’s where we come in. We help London’s creative small businesses, bolstering their defences against the latest risks with ‘next gen’ solutions. Contact us to find out more about what we can do for you.