Image courtesy of pixabay.com

In our last article, we talked about what to do to prevent a breach in cyber security. But what if you have already been the victim of a scam or malware attack? How do you move forward and protect yourself and your clients from being victims at a later date? The feelings associated with a cyber-attack range from disbelief to denial, anger, embarrassment and ultimately, being ready to take action.  The one thing you don’t need to do is PANIC.


  • Sixty percent of all online attacks in 2014 targeted small and midsize businesses.
  • Hackers have stolen billions of dollars from American companies by impersonating CEOs in an email scam — and the loot gets wired to banks in China and Hong Kong 83% of the time. Between October 2013 and February 2016, the FBI got reports from 17,642 companies that lost $2.3 billion in scams such as this.

There are several steps to follow to help you move forward after a data breach:

  1. Change passwords – If your email account or website has been hacked, immediately change your passwords and notify your website developer.
  2. Disconnect from your network –stat! If your computer has a virus on it, then your network typically is the access point for the hacker and you want to cut off their reach before anything else is stolen or damaged. The sooner you can block their access the faster you can shut them down.
  3. Have a computer forensics expert assess what was accessed and when it happened.
  4. Begin again. Restore data with your back up files. Use the last known clean data and restore the software from there.
  5. Contact your attorney and request a reference for someone familiar with data breach regulations. Your insurance company may also be able to help you with this. Also, talk to your local police department and find out if their cyber fraud department has any insight. Other authorities to contact are the state criminal investigation units and the IRS criminal investigation units.
  6. Notify staff that until a communication plan is in place and the extent of the damage is known, the problem is to be kept confidential. Once the amount of damage is determined, be sure that all of your staff has the script/verbiage as to what information is to be shared with the public. And yes, disclosure should be done as it maintains trust.
  7. Take measures to prevent the problem from re-occurring. Consider restructuring your set-up, to make it harder for scammers to get in. Remind employees of security procedures and be sure to apply all patches and updates. And, if you were not doing so before, now would be the time to start using a remote server for log files so that even if a hacker crashes your system, they cannot falsify the evidence.

Cyber-attacks, sadly, are part of the business world and those who perpetrate them are no respecter of the size of your business. It is because of their ruthlessness that you need to take cyber security measures seriously. If you have doubt about your cyber security, now is the time to make changes.