Step 1: Conclude
You’ll need to ensure that all of your networks and devices are working properly after the breach. You’ll probably end up changing passwords, wiping infected devices and patching your existing hardware. You may, also, want to invest in a trustworthy cybersecurity software package or go through the vulnerabilities of your system with a trusted cybersecurity specialist (wink, wink). Following these steps will give you closure on the incident and reduce the risk of it happening a second time.
Step 2: Inform
By law, you will have to report your breach to the ICO (the Information Commissioner’s Office). (The ICO is contacted to assess the risk level for people that may have had their data stolen.) So, inform the authorities, inform staff and customers of things that will affect them and inform any legal ties that you may have (if you have insurance to cover breaches, they may be able to give you more info on the steps you can take forward).
Step 3: Learn
Learn from this mishap and try to prevent it from happening again by installing trusted security software or employing a cybersecurity specialist (wink, wink) to ensure that your network security is kept air-tight. It might be a thought to assess your contingency plan, just in case another occurs. If you decide to do this, ask yourself what went well and what didn’t go so well when the plan was first initiated.
According to our Data Privacy Specialist, Jack Hague, you need to ‘get a team together who know the systems and accounts affected, check the logs to make sure nothing nefarious has happened, make sure there’s no sensitive, personal, or business confidential information located on any of those, and if there is, assess whether you need to report the breach to the ICO or the data subjects affected. You’d also want to assess what needs protecting, so like do a risk assessment to anything affected and see if any protections need adding.’ So there you go; 3 steps to survival after a breach.