System hacked alert after cyber attack on computer network. compromised information concept. internet virus cyber security and cybercrime. hackers to steal the information is a cybercriminal Sytech advice Stoke-on-Trent company.
/

Expert advice on combatting cyber attacks 

2 mins read

Digital forensics experts Sytech have come up with a six-point plan for helping firms combat cyber attacks. 

The Stoke-on-Trent-based consultancy says it is crucial that businesses know how to react if they suspect they have been a victim of a hack. 

The advice comes as figures reported in the Cyberthreat Defense Report show that more than 81 per cent of businesses in the UK had experienced at least one ‘successful’ cyber attack. 

Here is Sytech’s step by step guide to dealing with the increasing threat: 

Step 1 – Communication:  

If you suspect you have had customers data stolen, the first step is to make sure the relevant parties are informed within your business. This may include your IT Manager, Senior Managers, Data Protection Officer and Security Operations Centre.  

Depending on the extent of the breach, you will have 72 hours from identifying the breach, to report it to the Information Commissioner Office (ICO). A full investigation is not expected within this time frame, they will allow you to provide information in phases. It’s important at this stage to make sure a log is kept of all actions taken so that they can be included within the report.  

Step 2 – Containment:  

To prevent the attack from spreading further into your network, the immediate action will be to contain the incident by isolating compromised devices from your network. This may also involve isolating entire parts to your network if a particular office or department is affected.  

Step 3 – Investigation and Removal Of Threats:  

Now that the affected devices have been contained, you will need to have the devices examined to determine the extent of the attack including:  

  • What data has been stolen? 
  • If the attacker can still access your IT network? 
  • How was the attacker able to gain access?  

Any threats that could allow the attacker to regain access to your network will then be removed.  

We know that time is of the essence in these situations. By choosing SYTECH, you will get undivided attention and focus with the best customer care from the moment you first contact us, until the incident is fully resolved. 

Step 4 – Submit A Report:  

Once the investigation is completed and depending on the results, you will need to submit a full report to the ICO. Not all incidents need to be reported though. You can use the self-assessment tool on the ICO website to see if a report is required.  

Step 5 – Recovery:  

Now that the investigation has concluded, you can now start the recovery process to restore functionality to your business. Ideally, you will have backups of your data which will allow you to carry on where you left off. Once you have your systems back online, you should test and monitor each device to ensure there is still no threat.  

Step 6 – Security Improvements: 

The final step is to review the incident, so that you can apply additional security to prevent a similar incident in the future. This can involve: 

  • Installing security patches 
  • Physical security improvements 
  • Changing passwords 
  • Staff awareness training 
  • Install monitoring software 

Although your IT environment is now secure, threats are ever evolving. Once improvements have been made to your systems, it is vital to continue monitoring for threats and making an effort to constantly improve your security and keeping staff aware of the dangers. 

Nigel Pye

Experienced journalist with a 30-year career in the newspaper and PR industry and a proven record for breaking stories for the national and international press. Nigel is the Editor of Daily Focus and Head of Creative at i-creation. Other work includes scriptwriting, magazine and video production, crisis communications and TV and radio broadcasts.

Latest from Blog