How Do You Respond To A Cyber Attack?

The Impact of a Cyber Attack

The impacts of a cyber attack can be devastating to an SMB or mid-size company.  When an attack happens, you may not have access to business-critical systems needed to run your company. According to Cisco’s 2018 Security Capabilities Benchmark study, 40% of SMBs experienced downtime of 8 hours or more as a result of a data breach.  Then in addition to any revenue lost from being unable to access your system, there are several costs you may incur to resolve the breach:

  • Many SMBs need to hire outside experts to help them identify, contain and resolve the security issue
  • Regulators may need to be called, and fines may be imposed
  • Staff training may be needed to prevent future attacks
  • Your reputation may be damaged

According to Cisco, 29% of SMBs reported the costs of a breach to be under $100,000.  But the costs could be much higher than that, with 20% of SMBs reporting the cost of a breach to be between $100,000 and $2,499,999.

What to do in a Cyber attack

You will want to have a plan in place in case of an attack. Time will be critical to limit the damage and having a plan will help you save critical time.

Step 1:  Assess the situation. The first sign of trouble could be unusual activity on your network. Or maybe someone received a phishing email.  Whatever the issue is, you will need to assess the situation and determine the nature of the attack and how serious it is.

Step 2: Contain the damage.  Depending on how extensive the damage is and what kind of attack, you will need to prevent further damage.  You may need to take systems offline.  In other cases it may be making changes to your firewall to block the traffic, or monitoring the activity.

Step 3: Repair.  You may need to get the backup system up and running.  And determine anything that needs to be adjusted to prevent future attacks. You may be contacting authorities, contacting affected customers, and gathering information about the attack.

One of the best steps you can take is the one you do before an attack happens.  Having the right security tools in place will protect you and minimize the damage after an attack. If you already have Cisco security tools in place, such as Umbrella or AMP for Endpoints, a tool like Cisco Threat Response will help you detect threats faster, investigate easier, and respond immediately.  Threat response will automate integrations for different Cisco security products so they will work together. You’ll have the intelligence you need to identify the attack, data to investigate what has been impacted, the ability to store information about the attack, and you can take action right away from the threat response interface.   The best part is, if you already have Cisco security in place, there is no additional cost for Threat Response.  

Learn more about Cisco Threat Response Here.

Leave a Comment