How should an SMB respond to a security breach?

If you’re the owner of a small- or mid-sized business (SMB), the latest cybersecurity statistics ought to be your wake-up call:

  • Small businesses account for 43% of breach victims.
  • Small businesses (1 to 250 employees) are targeted the most with malicious email, at a rate of 1 in every 323.
  • 94% of malware is delivered by email.
  • 64% of Americans have never confirmed if they had been victims of a data breach.
  • 56% of Americans don’t know what to do in case of a data breach.

Experts say it’s not a matter of if but when your company will be hit with a security breach. To recover from one, an SMB spends an average of $117,000. Here’s how you and your staff can minimize and prevent further losses in the event of an attack:

#1 Keep calm and identify the threat

Consider yourself lucky that you detected a breach. Many attacks stay hidden for weeks and months before they’re discovered; the moment you detect one, you need to properly identify the threat so that you know how to arrest further loss or damage.

You’ll need people from different departments to work together. So it’s best that even before any breach occurs, you have people already in place who will work in tandem when an attack is spotted.

#2 Contain the threat and respond to it

Your response team should immediately stop the threat from spreading. It may mean shutting down your whole system, but if you have a backup system in place, then you can be up and running again while isolating only the affected areas.

If you’re in the midst of a DDoS attack, it’s like your internet is experiencing a traffic jam clogging up your bandwidth and disrupting traffic flow to your servers or network. Your response team needs to identify the targeted IP address so as to restrict access to it, and then figure out the purpose of the DDoS attack: is it to exhaust your bandwidth or exhaust your computing resources?
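
As an added example (not part of the original article), here is a first-pass triage that picks out the targeted address from flow records and says whether the traffic threatens bandwidth or computing resources. The record layout, the capacity thresholds, and the sample addresses are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

def make_sample(kind):
    """Constructed flow records (dst_ip, dst_port, bytes) for one 10 s window."""
    flows = [("203.0.113.20", 443, 40_000)] * 50           # ordinary traffic
    if kind == "volumetric":
        flows += [("203.0.113.10", 80, 3_000_000)] * 400   # few, very large flows
    elif kind == "connection":
        flows += [("203.0.113.10", 443, 120)] * 60_000     # many tiny flows
    return flows

def triage(flows, window_s=10, link_mbps=1000, conn_limit_per_s=2000):
    """Find the most heavily loaded destination and say which limit it threatens.

    link_mbps and conn_limit_per_s are assumed capacities; set them to your own
    uplink size and the connection rate your server or firewall can sustain.
    """
    per_dst = defaultdict(lambda: {"bytes": 0, "flows": 0, "ports": Counter()})
    for dst, port, nbytes in flows:
        rec = per_dst[dst]
        rec["bytes"] += nbytes
        rec["flows"] += 1
        rec["ports"][port] += 1

    def load(rec):
        # Megabits per second and new flows per second over the window.
        return rec["bytes"] * 8 / window_s / 1e6, rec["flows"] / window_s

    def pressure(item):
        # How close this destination pushes either limit (1.0 = at capacity).
        mbps, fps = load(item[1])
        return max(mbps / link_mbps, fps / conn_limit_per_s)

    target, rec = max(per_dst.items(), key=pressure)
    mbps, fps = load(rec)
    if mbps >= 0.8 * link_mbps:
        verdict = "bandwidth"        # the uplink itself is being saturated
    elif fps >= conn_limit_per_s:
        verdict = "resources"        # connection handling is being exhausted
    else:
        verdict = "inconclusive"
    return {"target": target, "port": rec["ports"].most_common(1)[0][0],
            "mbps": round(mbps, 1), "flows_per_s": fps, "verdict": verdict}

if __name__ == "__main__":
    for kind in ("volumetric", "connection", "baseline"):
        print(kind, triage(make_sample(kind)))
```

The verdict guides the response: a bandwidth verdict usually has to be filtered upstream by your internet provider, while a resources verdict can often be handled by rate-limiting the reported address and port on your own firewall.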

#3 Assess the impact

By this time, you should have already identified and contained the threat, gotten your backups running, and informed your staff about the attack. Now it’s time for your in-house team to assess the damages and figure out the consequences. If your team cannot properly assess the cause of the attack and the damage it has caused, then consider bringing in an outside forensics team.

#4 Recover from the attack

You’ll need to spend resources, sometimes considerable ones, to recover from an attack. Prioritize the repairs needed to avoid further downtime, and make sure your system ends up better protected than before. Consult a managed IT services provider (MSP) like Online Computers if you don’t have an IT security team in the first place.

#5 Report the breach

Under federal, state, and international laws, an organization is required to report a breach within a certain amount of time; otherwise, there are legal and monetary consequences for a delayed report. New Jersey businesses should report any security breach to the Division of State Police in the Department of Law and Public Safety via email to databreach@cyber.nj.gov.

#6 Inform affected parties and the public

Thanks to the General Data Protection Regulation (GDPR) and other laws regarding data protection, organizations are required to disclose data breaches to their partners, customers, and the public. Such a disclosure sounds disastrous to a business, but the penalties for nondisclosure are worse. Your business may not recover from the monetary penalties and the reputational damage. You should disclose what happened, how much the losses are, who is directly and indirectly affected, and what steps are being taken to contain the situation. That way, you communicate to everyone that you’re taking responsibility and working to fix things.

#7 Learn from the incident

A breach reveals the inadequacies of your security measures, so take this opportunity to improve your cybersecurity. Conduct audits, invest in software and hardware, and create a culture of security for your staff. These are things you can do to make sure you not only survive this breach but also prevent future attacks.

The best defense is preparation; do you have a backup and disaster recovery (BDR) plan in place? Find out if your business can survive a major data breach, a natural disaster, or even a server failure. Download our FREE eBook on having a foolproof recovery plan.

Better yet, consult with our IT and security experts at Online Computers. If your SMB is in or around Hanover, Morristown, and Madison, then consider partnering with us. Contact us today.

