• Friday, March 29, 2024
businessday logo

BusinessDay

Steps to take after a malicious attack or data breach on your business

Steps to take after a malicious attack or data breach on your business

Within the first half of this year, some of the most sophisticated global tech giants fell victim to one form of one cyber-attack, data breach, privacy threat or the other. Twitter, Facebook, Google, Microsoft, Acer, to mention a few, have all succumbed, albeit very temporarily, to the sophistication and boldness of cyber-attackers.

These attacks though targeted at corporates, had broad ramifications. For instance, in the attack on Facebook, users’ phone details were leaked on a hacking forum. In another attack, the cyber-criminals attempted to poison the water supply in Florida unless the organisation paid a ransom.

The audacity of cyber-criminals to launch daring raids on tech giants, unicorns, multi-billion-dollar businesses with massive budgets for cybersecurity; with a retinue of tech gurus, ethical hackers in their employment, as well as researchers, analysts constantly monitoring any form of breach, should worry everyone, especially the small and budding businesses.

Therefore, it will not be far-reaching to state that no business is entirely immune to cyber-attacks or threats; hence, the need for a proactive and quick-response plan to address any form of attack and to help minimise the extent of loss or damage to an organisation.

Following the last edition of this series, where we highlighted the five common cyber-attacks every business – SMEs, big corporates and enterprises should be cautious of; this edition addresses the steps to take in the event of an attack or a breach on your business.

1. Contain the Breach: The very first step to take in the event of a cyber breach is to determine which servers have been compromised and to contain them as quickly as possible to ensure that other servers or devices are not infected. This way, it is possible to curb the extent of the damage or risk to your business.
Here are a few immediate things to do to contain a data breach:
• Disconnect the internet.
• Disable remote access.
• Maintain firewall settings.
• Install any pending security updates or patches.
• Change passwords.
• Preserve evidence which is critical to assessing how the breach happened and who was responsible.

2. Assess the Breach: Assessing the breach allows you to know the cause of the breach within the cyber business grid, determine the extent of the damage, which puts you at an advantage if such breach happens again. These are questions to ask and things to pay attention to:
• Who has access to the servers that were infected?
• Which network connections were active when the breach occurred?
• How was the attack initiated?
• Identify how the breach was initiated by checking security data logs through firewall or email providers, antivirus program, or Intrusion Detection System.

3. Identify those affected by the breach: Ascertain who may have been affected by the breach. The search should include employees, customers, business partners, third-party vendors etc. Assess how severe the data breach was by determining what information was accessed or targeted. For example, if some sensitive customer details have been compromised, it would be essential to know, as this can lead to loss of customer’s trust or diminished reputation. Although such an attack may have a long-term consequence on your business, it is better to know the extent of the damage to be better prepared against another incidence.

Read Also: How Accion MFB helped customers survive pandemic year

4. Educate Employees about data breach protocols: After discovering the cause of the breach and identifying those affected, the next step is to communicate updated security protocols to help ensure the same type of incident does not occur again. For example, an insider threat or weak passwords, which are among the common weak links identified in cyber threat assessments, occur due to sheer ignorance or carelessness within the company. So, educating the employees would ensure stricter measures adopted. This kind of training can also be a proactive exercise. The Leadway Assurance Cyber-Risk Management team can help with this.

5. Notify customers: This might seem like the hardest things to do; however, it is a smart decision to notify your customers of any breach. Being transparent with your customers helps build trust and prevent damage to your reputational asset. You can consider a special action hotline specifically to address questions from affected individuals of the cyber event.

6. Going forward: You should make it a standard protocol to conduct frequent security checks and educate employees on data breach protocols. This step helps reduce the likelihood of the same incident occurring again in the future, and it also helps create an environment where the employees are equipped with the proper knowledge and know-how on the next step to take.

7. Consider Leadway’s Cyber Insurance Policy: We know that any organisation can also become victims of these attacks, therefore mitigating these risks should not be left to chance. A deliberate action must be in place. One such measure is to prioritise cyber threat insurance as the top of your risk mitigation system for cyber-attacks. Now that it is obvious that no organisation is fully immune, the smart step to take to have a plan that ensures that no further financial loss is incurred in the event of a breach. That is where insurance comes in.

Knowing that cyber-attacks are significant threats to business, Leadway Assurance, Nigeria’s foremost insurer with over five decades of operational and a reputation of being Nigeria’s most capitalised insurer, have a Cyber-risks insurance policy backed by a team of vastly experienced cyber-security experts.

With Leadway’s Cyber-risk insurance policy, organisations can mitigate risk exposure by offsetting costs incurred in the recovery process after a cyber-related security breach. The policy’s first-party coverage and third-party liability risk cover assure an organisation of the needed financial support should they become victims of these attacks.

To find out more on how you can access this policy, please visit www.leadway.com or call the Leadway Assurance customer care helpline on 01-2800-700. You can also send an email to [email protected] for professional advisory or request a call back by visiting www.leadway.com/call-me.

We are within your reach on our social media outlets – @LeadwayAssurance on Facebook & Instagram, @Leadwayinsure on Twitter. You can send a DM, and we would revert with all the information you require.