Like most forms of misfortune, having your business attacked by a hacker doesn’t seem like it could really happen, until it does. After a cyber attack, you may not be sure what to do next, especially if computer security isn’t your field of expertise. You may be worried what the ramifications are, how it will damage your reputation with your customers, and whether it could happen again—all valid concerns.
Data breaches are not uncommon, and you certainly weren’t the first to be hacked. Getting back on your feet is a matter of doing damage control and preventing further breaches. But dealing with the computer systems is not the only thing you’ll need to take care of in order to stabilize your business. The needs of your customers will have to be addressed, and there may be legal ramifications. To help you cover all of your bases, we’ve put together this brief guide to highlight the areas of highest concern in the wake of a hacker attack.
What to Do About Your Customers
Frequently, the customers are the ones who take the brunt of data breaches. Personally identifying information (PII) is the kind of stuff that hackers are after—the information they can use to steal an identity. That’s why you’ll want to notify your customers of a breach that affects them as soon as you have enough information to do so.
Recent data breaches have taught us that delaying the notification of customers can both impact your reputation and result in legal backlash. Holding back because you’re afraid of the bad PR will only result in an even worse relationship with the public, once they learn you knew their information had been stolen, and hadn’t told them.
That said, you also have to keep the business operating. One of the reasons data breaches are so dangerous for small businesses is that they often lack the technological redundancies that allow larger businesses to carry on after an attack. Many small businesses only have one device, and often don’t back it up. When a hack puts that device out of commission, it can be difficult to continue running the business. Just as important as notifying customers who may have been affected, you need to be able to continue doing business with them. Do what you need to in order to keep the wheels turning, or you may quickly find that your customers go somewhere else.
What to Do About the Law
Laws regarding cyber attacks, like other laws, can be a bit complicated. There are federal laws, state laws, laws regarding specific industries like medicine and finance. Some states require you to offer credit monitoring to customers affected by a data breach. Some regulating bodies like HIPAA and FINRA require you to notify them (and potentially news outlets) if the number of affected customers is above a certain threshold. There are a lot of things to check to make sure you’re in compliance, so consider speaking to a lawyer. In any case, you’ll want to make sure all your ducks are in a row so that you can continue operating your business.
Along the same lines, you may also be in a position to go the other direction and put the law to work for you. Depending on what’s stolen (like, say, proprietary business information) you may want to report it to the authorities. In a similar vein, your attack may not have been an isolated event, and may have been part of a larger operation. In which case, bringing what details you have to the authorities will be important, as they will need all the information they can get in order to track down the culprit.
What to Do About Your Computer Systems
When a big company like Yahoo is hit with a cyber attack, they have a whole department of infosec specialists to investigate and respond. When it happens to small businesses, not so much. You’re working with a much smaller outfit, and a much smaller budget, so dealing with the computer side of a breach can be a lot harder. If you’re on the large-ish side of small, you may even have IT personnel, but there’s a good chance cyber security isn’t their specialty.
Whatever resources you have at your disposal, muster what you can to do the following:
- Confirm that a breach has occurred.
- Identify the extent of the breach—what devices were affected, what was tampered with/taken.
- Isolate the affected machines.
- Identify how the breach occurred (i.e., how they got in).
- Restore the machines to their pre-breach state (via reformatting, restoring from a backup, etc.).Implement safeguards against further breaches (which could be everything from sturdy anti-virus software, to training for your employees about opening suspicious emails on work computers).
- Monitor your devices and stay vigilant against future intrusions.
If all of that sounds like a lot of work that you’re not equipped to accomplish, then reach out to some cybersecurity experts who can help you identify the weaknesses in your system and help you prevent future attacks. The risk of a cyber security breach is real, and the cost is real, even for small businesses, but you don’t have to face it alone.
Whether it’s damage control for a recent breach or preventing one in the future, the experts at Fibernet can help.