What NOT to Do After a Breach

What NOT to Do After a Breach

Has your security been breached? Here’s a few pointers of what NOT to do.

1. Do NOT improvise.

Your company deserves the best. In the event of an attack you may be tempted to try to fix things yourself on the fly. The last thing you need is to waste time trying to organize a recovery plan. Be proactive about your IT management. Put a back-up and recovery plan in place today so everyone knows exactly how to respond if there is a breach.

2. Do NOT be silent.

Communicate with your staff, customers and vendors to ensure everyone knows what’s been accessed and how you plan to remedy the situation. If you don’t there are a mound of risks that really aren’t worth the reward.

3. Do NOT close the case too soon.

You’ve closed the corrupted endpoints and informed everyone of the issue at hand, recovered your data and you’re back to business as usual. It’s time to close the logs for the attack, right? Wrong. Be sure to investigate the root cause and review your network after you’ve remediated to identify any additional weaknesses the attacker may have opened up.