Knowledge Hub What You Should Do if Your Business Is Breached by a Cyber Attack

What You Should Do if Your Business Is Breached by a Cyber Attack

Warning on Computer Screen graphic
Warning on Computer Screen graphic

‘It won’t happen to me or my business’. We’ve all likely thought it. But what if it does happen? What if your organisation is breached? With human error being the main cause for cyber breaches, here’s what you should do if you or your organisation fall victim…

Firstly, if you are aware a breach is happening or has happened, tell someone immediately. Tell your manager, boss, CEO, and make sure you tell your IT team/support service. Even if you discover a breach happened weeks prior, you need to tell someone to prevent further damage.

Once you are aware of the breach, you must then assess the situation and determine whether you need to shut out the attacker. You may need to take systems offline to minimise damage.

The next step is to reset all the passwords that you possibly can. If an employee’s password was stolen or hacked, you’ll want this changed as soon as possible to prevent further attacks.

Once you have resolved the situation, now is the time for review. How did it happen? Why did it happen? It’s not a case of finding someone to blame. But an opportunity to learn and implement defences to stop it from happening again.

Of course, we’d recommend taking as much action as possible before you get breached. Use Cyber Essentials to bring your network up to a good standard of security. And if you want to take this further, gain your Cyber Essentials +. You could also put your business through ISO27001 to show how seriously you are taking data security.

You must also train your team. Every employee from junior to senior management need cyber security training. This can be regular in-house training or short videos and online courses. Everyone learns in different ways. We provide Security Awareness Training through our partnership with Mimecast. Find out more.

Always remember that breaches don’t just happen due to ‘technical errors’. Human error always plays a significant role in successful attacks.

What is Phishing?

Phishing is a form of cybercrime which targets victims by email, SMS or telephone. Criminals will pose as legitimate organisations to trick you into revealing sensitive data, such as bank details or passwords. This then results in identity theft or financial loss.

What is Ransomware?

Ransomware is a type of infectious software designed to prevent you from accessing your files, databases, and applications until a request is fulfilled; this is typically a payment to the attacker.

 

What is Zero Trust?

Zero trust is a strategic approach used by organisations. It includes both employee attitude and security policies put in place, encouraging employees to validate every action they take.

All FAQs
PC being taken apart

Cyber Security

Our cyber security services range from training and audits to proactive and responsive tools. Discover how we can keep you secure.

Latest Guides

Microsoft 365 Monthly Feature Update. Microsoft Logo.
Microsoft 365 Monthly Feature Update
Check out our top three Microsoft 365 feature releases each month.
Read more
Microsoft File Version History
How to Restore a Previous File Version
Looking for a previous version of a file? Here's how to recover it.
Read more
Jess speaking into headset at her desk in the Breakwater office.
What is the PSTN Switch Off?
In January 2027, the Public Switch Telephone Network (PSTN) will be switched off.
Read more