How To Respond To A Cyber Attack

Cyber Attack

Keeping valuable data and customer details secure couldn’t be more important for companies around the globe. Cyber attacks should never be underestimated as they have the power to damage hard earned reputations as well as cause financial ruin.

There is no doubt that businesses face cyber security threats on a regular basis and it’s vital to know how to respond after an attack. The recent WannaCry ransomware attacks proved just how susceptible companies and organisations still are to these kinds of sophisticated cyber threats.

While you should always have preventative security measures in place, you have to prepare for the worst-case scenario. In order for you to know how to properly respond to a cyber attack, we’ve listed 6 essential steps for you to follow. If you’d like to read more of our tech-inspired blogs, head over to the Tech page now.

Put your contingency plan into effect

Your first duty when dealing with a cyber attack is to organise an incident response team to establish what has been breached and who it effects. Responding in this way quickly will allow you to see what went wrong and mitigate the damage caused by the cyber security threat.

Have your IT specialists investigate any breaches, HR department establish whether employees are effected, intellectual property team try to reclaim any stolen property, data experts check that valuable data is still protected, and have your public relations team draw up a press release depending on the initial findings.

Your company may require legal assistance, depending on the severity of the cyber attack and where your company is based. No matter how serious the breach may be, seek legal assistance quickly in order to protect your business from the fallout.

Secure your IT network

After putting your cyber attack response team into action, the next thing you’ll need to focus on is securing your IT network. Doing this quickly will help to stop the spread of the cyber attack and establish how serious the breach was. Use this opportunity wisely as it allows your IT experts to see how effective your existing security measures were at spotting the cyber attack.

However, the downside to this step is that your IT systems may have to be taken offline while your experts complete their examination. This could severely disrupt your business’ operations so it should be carried out as quickly as possible without cutting any corners.

Commission an investigation into the cyber attack

The need to ensure you carry out a comprehensive investigation into the cyber threat breach can’t be emphasised enough. A suitably qualified expert with appropriate authority should head the investigation and have access to whatever resources they require.

The investigation should pinpoint the source of cyber attack and confirm or rule out any employee involvement. However, you’ll need to be aware of any applicable labour laws and this will require the assistance of your HR department.


Once finished with the investigation, a report should be created to document any findings and improve existing security measures. Any regulatory bodies that must be made aware of the cyber attack will be interested to know about the breach itself as well as how you will improve your processes going forward. As your report may uncover previously unknown vulnerabilities, you may need to commission further reports.

Take care of public relations announcements

Protecting your company’s reputation is a highly important aspect to be aware of, especially when sensitive customer information is at the heart of your security breach. Not every breach that occurs will require a press release but you must act quickly, accurately and honestly if your customers are affected. When legally obligated, you may be required to contact customers individually in order to alert them of the cyber attack breach.

Quickly deal with any legal or regulatory obligations

Depending on your industry sector and the parts of the globe you operate in, there are different legal and regulatory requirements to adhere to. As cyber threats are constantly evolving, there isn’t an all-encompassing set of cyber security laws.

Seek counsel from your legal department or a law firm that specialises in cyber security law to gain a full understanding of the unique legal obligations your company will be facing.

Prepare for liability damages

In the event of a cyber security threat breaching your systems and compromising valuable data, you may face certain liabilities. Many cyber attacks are now gravitating towards a blackmail or ransomware method of extortion. Depending on the severity of the breach, your company may wish to cover any credit card screening costs for your affected customers or provide compensation in some way.

Additionally, your company may face fines from regulatory bodies in the areas in which you operate. Fines can amount to millions of dollars and legal action may be taken against your company for breach of statutory obligations, breach of contract, breach of equitable duties, or negligence. Work with your legal representatives to establish what liability damages you will have to pay in the wake of the cyber attack.

If you require expert assistance to improve your IT systems and protect your business against future cyber threats, Saxons is here to help. To learn more, visit the IT Solutions page now.