The SME breach procedure

Last year a UK government report revealed that 32% of businesses identified cybersecurity breaches or attacks in the previous 12 months, with the average cost of a successful breach, in financial and data losses, at £4,180.

These breaches occur fast, and you need to take the right steps from the start to ensure minimal damage.

Regardless of the technology you have in place, there is a risk of you or your business falling victim. When that happens, you need to know what to do.

You can either save this webpage or scroll to the bottom for a PDF download of this procedure, along with what we do when we are notified of the attack.

If you or a member of your staff have “clicked on a link” that you are suspicious of, then:

Step One: Call us.

Not in 10 minutes once you have discussed it with colleagues, not even once you finish reading this first step. Call us the moment you suspect something has gone wrong. The call should only last a couple of minutes, and we will start working to stop further actions immediately.

Note: We may tell you to turn off your PCs and disconnect the internet cables depending on the type of link you describe, so please give us as much information as possible.

Step Two: Cut off payments.

If there’s been a bank transfer that you have instigated, contact your financial institutions and stop all outgoing payments from your accounts. If it involves a third party or a client, tell them to do this ASAP.

Step Three: Notify your team.

Send an internal email or a group message to your team asking them all to change their passwords and to suspend outgoing payments until you know it is safe to resume them.

Step Four: Prevent it from happening again.

Once you have received the relevant information from us, you must then make sure this kind of breach doesn’t occur again. We can book in a security audit or meeting with you; there are very cost-effective tech options that can prevent these at the click of a button.

There are also manual, straightforward methods of doing this: have staff change passwords regularly, carry out regular email rule audits, and run internal training. Though these are free to do, they require quite a lot of time and management to enforce across your company, and the tech alternative often outweighs the risk and time.

What we do behind the scenes.

From the moment we answer your call, we work to put an end to whatever system has been put in place and make things right.

To find out more about our process in depth, from stopping the breach to what we provide you within our incident management, you can download the breach procedure PDF below.