the winxnet blog Blog Header Image

How to Recover from a Cyber Security Breach

Posted on 7/12/2018 3:08:16 PM by Judi Grassi
Category: Security & Compliance



Cyber security attacks have unfortunately become a reality in the business world so there is no excuse for being unprepared for these types of attacks. For those who aren’t as familiar with cyber security, a security breach is any incident that results in unauthorized access of data, applications, services and devices. Essentially, a breach is a security violation.

Cyber attacks may be an aspect of today’s society but damage can be limited by having an effective breach response put in place. Cyber attacks can have serious repercussions for your businesses’ reputation so the faster a business responds to a breach, the more likely they are to preserve their reputation and revenue.

Before creating a cyber security breach plan, you should understand what data and assets need protecting and evaluate the potential risks that could cause harm. This identification process is usually done with a formal risk assessment and should be completed before creating an incident response strategy.

Your incident response strategy should include the following procedures:

  1. Identify the Breach: The first step of how to recover from a security breach is to figure out how the breach occurred, whether it be online like a phishing attack or data leaked by an unencrypted device.
  2. Contain the Breach: Before you can recover from the breach, it’s imperative to contain the attack so no additional data is exploited.
  3. Impact Assessment: Once the breach has been investigated and resolved, your business will need to assess the risk caused for the business as well as the individuals affected.
  4. Recovery: After the breach has been assessed, it’s time for your business to repair the data and systems so businesses can continue to operate and keep the lights on.
  5. Notification & Communication: Your business absolutely needs a communication strategy in place that explains what happened, accepts responsibility and is apologetic.
  6. Evaluation and Next Steps: Following the breach, your organization should evaluate how you responded to the event and identify what your business needs to do to be prepared in the future.

If you feel as though your organization is not prepared for a breach and does not have the proper breach notification policies and procedures in place, then it’s time for a conversation with our security experts.