What To Do If You Suspect A Cybersecurity Breach

Pexels – CC0 License

Unfortunately, cybersecurity threats are a common issue in the corporate world. Businesses, large to small, are affected by them. This past week, even Microsoft had to admit a “small number” of corporate accounts were accessed by hackers.

If it can happen to individuals at that level in the most valuable company on the planet, it can happen to you. This is because cybercriminals are increasingly targeting individuals and the processes they use to manage their accounts. After all, humans can always make mistakes.

Much is said about how to prevent a breach – from using the best cybersecurity professionals to evaluate and protect your systems, all the way up to annual habits like changing passwords and reviewing corporate web traffic, but what about if you suspect a breach has already occurred? 

In this post, we’ll offer a few steps to help you in that process:

Notify Relevant Authorities & Contacts

If you believe your systems have been penetrated, it’s important to speak to those who outsource your IT, as well as raise a relevant report with the authorities. In many cases, law enforcement will ask you to register the issue with them, because, after all, a crime has been committed. The Internet Crime Complaint Center an be a good start, as is registering with the relevant authority in your country.

Alert Internal Teams

You may need to revoke access to the system to your staff because you won’t be sure where the breach began. This might mean using the administrative console to lock down accounts and encrypt vital data where necessary. Contacting your IT-managed system provider can also help you integrate a step-by-step approach to minimizing data loss and limiting your system access until you gain a clearer picture of what happened and why. In some cases, digital forensics will be involved.

Shut Down Affected Systems

Before you work on a plan for resolution or to figure out what happened, shut down your systems if you can. Not all networks are hosted internally, but those that are can be access-limited thanks to your willingness to cease their connectivity for the time being. This will help you until you gain further instructions from your managed host.

Communicate Transparently

It may seem like the easy option to sweep the problem under the carpet, but ultimately, this is never helpful to the people you serve. For this reason, transparent communications are ideal. They allow you to take your best foot forward, be candid about the issue, whom it affects, and how you’re resolving it. This way, you can speak to the affected customers specifically. You can also begin remediation for resolving the problems, be that advising costumes to change their passwords or closing accounts entirely and furnishing them with a new login. It’s essential to offer clarity here, even if the situation is very much in flux, make sure to say that clearly.

With this advice, you’re sure to act with diligence should a potential cybersecurity threat come for your firm. It’s always best to plan this as an inevitability, so you know what to do when the time comes.


Discover more from 5 things to do today

Subscribe to get the latest posts sent to your email.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.