For a business, falling victim to cyber crime is a disquieting and stressful experience. In the immediate aftermath, there are a number of hurdles to clear and obstacles to overcome. Potentially worsening the degraded cyber security situation, failure to act fast can exacerbate financial or reputational damage, and even lead to legal consequences.

So, where should businesses begin? After falling victim to cyber crime, how can your enterprise respond in a way that will yield the most optimal outcomes and greater business resilience? Chase down those hackers (just kidding, don’t do that). Aim to regain control of the situation quickly. Here’s how:

1. Identify and contain the incident. The first step is to identify the nature and scope of the cyber attack. Engage your cyber security team or bring in external experts to conduct a thorough investigation. Once the type of incident is determined, take immediate action to contain the situation and prevent further damage or data loss.

2. Preserve evidence. Preserving evidence is critical, not only for your internal investigation but also for potential legal action and regulatory compliance purposes. Ensure that all relevant logs, data, and system artifacts are securely collected and stored in a forensically sound manner.

3. Notify authorities and regulatory bodies. Depending on the nature and severity of the cyber incident, you may be legally required to notify relevant authorities, such as law enforcement agencies or regulatory bodies. Consult with your legal team to understand the obligations. Ensure compliance with applicable laws and regulations.

4. Communicate effectively. Transparency and clear communication are key during a cyber crisis. Develop a comprehensive communication plan. Keep stakeholders, customers, and employees informed about the issue, especially if it becomes persistent. Provide regular updates. Be truthful about the impact and the steps being taken to remediate the situation.

5. Conduct a vulnerability assessment. Once the immediate threat has been addressed, it’s crucial to identify and remediate any vulnerabilities that enabled the cyber attack in the first place. Engage cyber security professionals to conduct a thorough vulnerability assessment and implement the necessary security controls and patches.

6. Develop an Incident Response Plan (IRP). If your organization doesn’t already have an incident response plan in place, now is the time to develop one. A well-crafted plan will outline the roles, responsibilities, and procedures to follow in the event of a cyber incident, ensuring a coordinated and efficient response.

7. Review and enhance cyber security measures. A cyber attack should serve as a wake-up call to review and enhance your organization’s overall cyber security posture. Evaluate your existing security measures, policies, and employee training programs. Make necessary improvements to better protect your business against future threats.

The best time to stop a cyber attack is before it happens. Ensure that you have a comprehensive cyber security strategy and a unified cyber security solution in-place.

For more business best practices around cyber security, please click here. Lastly, subscribe to the CyberTalk.org newsletter for timely insights, cutting-edge analyses and more, delivered straight to your inbox each week.