How to Recover from a Cyberattack

While prevention is a huge part of cybersecurity, there’s no defense that is 100%, particular as cyberattack methods change and evolve continually to get around them. Even if you’re careful, chinks in the technology ‘armor’ can allow a cyber attack to affect your office. Do despite your best efforts, when an attack occurs, the first step is following your firm’s policies and procedures for reporting and mitigating. But how do you actually recover?

1. Take a Deep Breath: Cyber attacks can happen to anyone, so don’t let yourself drop into panic mode. The first step in recovery is keeping calm and working through recovery steps without giving up or letting a rushed response invite new mistakes.
2. Replace Old with New: Look at your security technology and honestly take stock, identifying where the failures occurred. Replace what you have with technology that supports and protects you better and add tools to create depth in your defense. This means integration and often takes advantage of automation. Balance prevention with detection rather than one or the other. Beyond technology, there are other aspects that may need to be assessed and improved. Check over your office policies and see what changes need to be made to reduce future risks.
3. Invest in Appropriate Software: Going hand in hand with the above, keep in mind that ultimately you should assume that a future attack will come from an error. An employee who opens an email that releases malware is not doing it maliciously, but mistakes do happen. Plan for this when contemplating protection software. Don’t depend on bottom of the barrel protection and a lack of any accidents in the human sector.
4. Secure Passwords: In the wake of an attack, you’ve learned what bad people can do when they access your systems. Don’t make it easy for them. Make sure your passwords are strong and secure, take advantage of multi-factor authentication on devices, and consider a password solution to keep internal office passwords private.
5. Utilize Your Backups: Never quite understood why your tech guy always insists on good backups? Now you know why they’re important! Recovery of information from your systems that has been reliably and securely backed up off-site can reduce the time it takes to get your office back up and running.
6. Stay Alert: Once the virus has been contained and you’re up and running again, it doesn’t mean the threat is over. Depending on the type of attack, there may be follow up phishing schemes attempting to get more from you. Hypervigilance is in order, along with careful monitoring of systems. This isn’t necessarily a lightning only strikes once scenario.