How to Survive a Cyber Attack

Cyber attacks happen daily, yet most businesses aren’t ready for them. Recent cybersecurity statistics show that 54% of companies are unprepared to weather today’s cyber attacks. The reason is simple: most organizational leaders don’t think it will happen to them.

But the truth is, any business is a target, and the stakes are high, especially now that we live in the “golden age” for cybercriminals and hackers. A successful cyberattack can cost a company millions of dollars, damage its reputation, and even put lives at risk. The average cost of a data breach in 2022 is $4.35 million. This doesn’t even account for the criminal charges that could follow a cover-up, like those affecting Uber’s former Chief Security Officer.

Scope the Breach: Will You Require Outside Help?

Because security breaches are more or less inevitable, your biggest worry should be how to survive a cyber attack. The first step in this process is scoping the damage.

Determine the extent of the damage and whether you can manage it internally. If not, start inquiring about outside help.

Questions to Ask Yourself:

Are systems impacted? How many?
Are users impacted? How many?
Is data compromised? What types?
Is the data encrypted?

These first reactive steps amount to asking questions and analyzing the answers to identify all the damage. However, you can be proactive, too.

Have a Cyber Incident Response Plan

It takes an average of 207 days to identify a cyber incident. You should have a plan for how you will respond when the incident finally occurs. Design the plan to help you contain the damage, limit the exposure of sensitive data, and restore normal operations as quickly as possible.

In addition, consider following established best practices for incident response, such as those set out by GDPR or NYDFS. Here is an overview of each framework:

GDPR Cybersecurity Requirements

The General Data Protection Regulation (GDPR) is a set of regulations that apply to any company that processes the personal data of EU citizens, regardless of where the company is located.

Under GDPR incident response guidelines, your company must notify the relevant supervisory authority about an attack within 72 hours of learning about it. If you send the notification later than 72 hours, you should have a good reason for the delay.

The notification should contain details about the incident, the data involved, and the number of people affected. It should also include the contact information of someone within the company who can provide more details.

Your notification should also indicate the likely impacts of the security breach and how you plan to contain its negative effects. If you can’t gather all this information at once, the GDPR dictates that you provide it in phases.

If the incident puts anyone at high risk, your company should notify the victims as soon as possible. An incident is high risk if it could lead to economic and social disadvantages, such as identity theft, which happens every 22 seconds.

NYDFS Cybersecurity Requirements

The New York Department of Financial Services (NYDFS) has released its own set of regulations for financial institutions licensed by the State of New York whose assets exceed $8.8 trillion. The institutions include insurance companies, banks, credit rating agencies, virtual currency companies, and credit unions.

The guidelines require all covered entities to send a notification to the superintendent within 72 hours of a cybersecurity event. NYDFS defines cybersecurity events as acts against, or attempts to infiltrate, information systems or their stored data.

Your organization must report such attempts, even if unsuccessful, provided that unauthorized access to the systems could disrupt and misuse information.

Send a notification if the event is likely to disrupt your normal operations. Report the same to a government body or any other supervisory body.

NYDFS insists on reporting unsuccessful attempts because they raise serious concerns. Reporting such events is especially necessary if they are not routine. However, it is your responsibility to judge which unsuccessful attacks are serious enough to report and which are not.

How to Recover from a Cyber Attack

Once you’ve dealt with the initial fallout and implemented the appropriate response plan, you should focus on how to recover from the cyber attack. This includes figuring out what happened, how to prevent it from happening again, and how to restore any lost data.

The first step: assess the damage. Your IT team should account for anything lost or destroyed, the affected systems, and the duration of the attack. This information will help you determine the extent of the damage and what your company should do to fix it.

Next, you need to determine how the attack happened. Focus on tracing the source of the attack and identifying any exploited vulnerabilities.

Moving Forward

Once you know how the attack happened, you can take steps to prevent it from happening again. For example, if the attack was due to a phishing email, you can implement better email filtering rules or give employees training on how to identify phishing emails.

Finally, you need to restore any lost data. This may require working with third-party data recovery services, depending on the extent of the damage.

After recovering your data, you should put in place better backup and disaster recovery protocols to prevent data loss in the future. Depending on the extent of the damage, the recovery process takes an average of two to four weeks, but can take longer.

Prepare Yourself to Survive a Cyber Attack

Cyber attacks are a serious threat to businesses of all sizes. However, knowing how to survive a cyber attack helps minimize damage and get your business up and running again. Follow the steps outlined above to ensure that you are prepared for a cyber attack and know how to recover from one.
