If you’re a small business owner, more and more hackers have set their sights on targeting your business. And while there are a number of precautions you can take to help protect yourself from a cyber attack, you have to be prepared in the event that one takes place. This article provides a few tips that can help your small business recover if it’s been the victim of a cyber breach.
Tips to help your small business recover from a cyber breach
Canadian small business owners need to be on high alert due to the growing threat of cyber attacks. Hackers are only getting savvier when it comes to breaching security measures with new, more creative methods than we’ve seen in the past. In 2015, Symantec predicted that 60% of small businesses would go under within 6 months of a cyber attack largely due to the fact that many are not adequately prepared for this type of risk. In 2016, Symantec’s Internet Security Threat Report showed that 43% of cyber attackers are targeting small businesses. This threat is only continuing to grow.
While it’s important to educate yourself on the resources available to help you combat this kind of risk, precautionary measures can only take you so far—nothing can 100% guarantee your company’s safety from cyber hackers. And while we hope that your small business never has to deal with this type of problem, we’d like to help you prepare in case it happens. Here are 8 tips that can help you recover from a cyber breach.
- Do not unplug: Sometimes the natural reaction to the idea of a cyber breach is to unplug and turn off everything in hopes you can stop it before it spreads. While this would disconnect your computer from the internet and your company’s server, which could prevent the hack from spreading, shutting a machine down can also delete valuable information on how the hack originated and how much damage has already been done. This information is crucial to rebuilding from the attack and preventing another.
- Call in a pro: It’s important to figure out what happened, how far it got and what’s been affected by the hack. Unless you’ve got a degree in post-breach forensic investigating, you’re likely in over your head at this point. Bringing in someone who specializes in cyber attacks is a good next step after identifying a hack. They’ll be able to determine important details including the scope of the damage that’s been done.
- Contain the situation: Once all the important information has been pulled by a specialist, every machine in the company should be taken offline simultaneously to prevent the cyber infection from spreading.
- Lawyer up: If you don’t have a lawyer for your business, now is the time to find one, especially if you don’t have cyber liability insurance. A lawyer can help guide you on what legal obligations you have to your clients and customers following a cyber breach. Also, this would be a good time to contact your local law enforcement team to report the hack.
- Communicate quickly: Arguably the worst part of a cyber breach is communicating the issue to customers, employees and partners. It’s best to take care of this quickly and to be as honest as possible. Forbes found that customers are actually more interested in how a company handles a breach than the fact that one occurred in the first place. Provide them with all the details you have at the time and update them as more become available. Losing trust and loyalty from these groups is a major concern following a cyber attack, so maintaining as much trust as possible throughout the unpleasant process is very important. And while you may feel like a victim yourself, it helps to be apologetic and take responsibility.
- Eliminate the problem: This can get pricey, but it’s an important step after experiencing a cyber breach. You may have to get rid of computers and shut down your company website while things get cleaned up depending on the type of breach. This is when business interruption insurance is extremely important.
- Fix the gaps in your security: The investigation you do following a breach will shine light on any vulnerabilities your security had and will allow you to fix any holes to avoid another hack.
- Revisit your coverage: There are a number of myths associated with cyber insurance for small business that can cloud your judgement and leave you vulnerable. Speak to your insurance provider about revisiting your policy to ensure you’re covered for the damages that a cyber breach can cause.
Hoping for the best but preparing for the worst is a good approach to take when it comes to cyber breaches and your small business. Knowing what to do after a cyber breach will only help you react quicker, which may help minimize the consequences.
For more information on this type of risk, visit our cyber security page and check back with the TruShield blog regularly.
This blog is provided for information only and is not a substitute for professional advice. We make no representations or warranties regarding the accuracy or completeness of the information and will not be responsible for any loss arising out of reliance on the information.