Big or small, all businesses are at risk from a very wide range of information security threats. Given the recent trend of businesses being mostly reliant on the internet for communication as well as business operations, all companies are now vulnerable to hackers, viruses and a whole host of other dangers.
It’s nearly inevitable that your company will suffer from a security breach at some point, unless your security system is rigid and constantly updated and reviewed. Up to 93 percent of large businesses in the UK had at least one security breach last year, with 87 percent of small businesses suffering from one – a 76 percent increase from a year ago!
If your company sustains an attack, it is vital that you respond swiftly and confidently, in order to prevent further damage.
For more information on how you can prevent such attacks, please visit: http://www.nccgroup.com/en/our-services/security-testing-audit-compliance/
Have a CSIRP in place
Having a Computer Security Incident Response Plan (CSIRP) in place before you need it is essential to surviving future attacks. Many organisations lack a basic CSIRP. If your business is serious about effectively quashing a security breach, it is recommended that you hire the services of trained IT security professionals to develop and install a CSIRP for your business.
Essentially, the CSIRP is the ‘master plan’ to help your business make a contingency strategy for use in the event of a breach. It will define the roles and responsibilities for those who will need to act during an incident. It is vital that your CSIRP is routinely tested and that Distributed Denial of Service attacks are addressed in the plan.
DDoS attacks occur if your business is reliant on the internet for connectivity with customers. They aim to make your network unavailable to said customers and then cover the attackers after they attempt an illegal wire transfer of funds from the user accounts.
Steps to take after the breach
- Investigate the scope of the attack: After it becomes apparent that your system is suffering from an attack, you need to figure out how many systems or machines have been affected. Unless you already have a cyber-security expert on your payroll, you must immediately call in professionals so they can prevent the problem from spreading.
- Contain the attack: Usually, this involves taking all systems offline simultaneously as soon as the attack is identified and a malware and network analysis has been conducted. Instead of pulling the plug on all machines, wait until a full investigation takes place, so that you can add and amend your CSIRP appropriately.
- Prevent future attacks: After containment, all antivirus and anti-malware software will have to be reinstalled and updated. After this, all the lessons learned from the security breach should be used to fill in any security gaps.
Keeping your business secure is an ongoing battle for everyone. As long as you continuously update the CSIRP after any breach and make sure that the entire staff is made aware of security requirements, you’ll be able to combat any future attacks far more effectively.
This is a guest post from Ben Williams.
Related posts:
