Close Menu
  • News
  • Home
  • In Profile
  • Finance
  • Legal
  • Technology
  • Events
  • Features
  • Wellbeing & Mental Health
  • Marketing
  • HR & Recruitment
  • About
  • Advertise
  • Events Calendar
  • Business Wall
  • Subscribe
  • Contact
  • 0843 289 4634
X (Twitter) LinkedIn YouTube
Trending
  • European Businesses Facing Increased Costs Due To Supply Chain Disruption
  • Dementia Advocate Shares Tips For Supporting People With Dementia When Flying
  • SME Today talks to Sa’ed Anabtawi, Product Director, WOLF
  • The Truth Behind ‘Sickies’
  • Five ways to monetise your business EV chargers
  • New book on conquering fear of public speaking
  • 1 in 3 employees anxious about lack of first aiders at work
  • What SMEs risk when their IT provider gets bought out
X (Twitter) LinkedIn YouTube
SME Today
  • About
  • Advertise
  • Events Calendar
  • Business Wall
  • Subscribe
  • Contact
  • 0843 289 4634
  • News
  • Home
  • In Profile
  • Finance
  • Legal
  • Technology
  • Events
  • Features
  • Wellbeing
  • Marketing
  • HR & Recruitment
SME Today
  • About
  • Advertise
  • Events Calendar
  • Business Wall
  • Subscribe
  • Contact
  • 0843 289 4634
  • Twitter
  • LinkedIn
  • YouTube
  • RSS
You are at:Home»Technology»Your business has been a victim of a cyber-attack, now what?
cyber attack - system hacked

Your business has been a victim of a cyber-attack, now what?

0
Posted By sme-admin on January 11, 2024 Technology

Research carried out by cybersecurity experts ramsac indicates that human error is responsible for at least 90% of cybersecurity breaches, meaning businesses must do more to protect themselves against cybercrime.

Unfortunately, around 20% of businesses still don’t have any form of cybersecurity training in place for their staff and rely only on readily available security features, such as anti-virus software, to hinder criminals. As businesses continue to be victimised by more sophisticated attacks, such as phishing scams and malware, it’s clear greater measures are needed. So, it’s worth asking yourself, is your business vulnerable to a cyber-attack? The answer is more likely yes.

What steps do businesses need to take when a cyber-attack has happened?

Before a cyber breach even happens, it’s worth assessing the risks affecting your company and setting up an Incident Response Team to ensure the issue can swiftly be isolated and resolved. Your Incident Response Team (IRT) must consist of key stakeholders within your business as well as either your IT provider or IT department, as they are vital for isolating the attack.

Live or ongoing cyber-attacks that are serious must be reported as a matter of urgency to the National Cyber Security Centre (NCSC) and Action Fraud as they are considered criminal acts. They’ll offer additional support and specialist advice to assist during the response and mitigation stages. Here are the steps you’ll need to take if your business is going through a cyber-attack:

1. Initial assessment of the breach

With your company’s IRT in place, they’ll carry out an initial assessment to understand the severity of the attack. This assessment will consider how the threat might impact the organisation. This assessment will answer the following questions:

  • What has happened?
  • How many people, devices and systems are affected?
  • An exact description of the incident and what occurred.
  • What is the impact on the organisation?

2. Contain the breach

Simple solutions like disconnecting the internet and immediately changing all affected passwords are the easiest things to do to help contain a breach. It’s best to have either your IT department or IT provider handle this stage, as they are more equipped to deal with cyber-attacks.

3. Investigate the attack

Whatever the cause, your company’s IRT will investigate to determine how the attack started and the full extent of damage faced.

They’ll need to be critical of the situation and start to understand how it might have occurred. Having an IT provider conduct the investigation is ideal as they’re already removed from the situation and can see it with fresh eyes and without bias. As part of their investigations, they’ll work to determine:

  • Which staff members or contractors had access to the affected servers?
  • How the attack started.
  • Who the cyber-attack directly affected? It’s worth noting that customers, vendors and employees must be notified immediately when personal information or service disruption affects them.
  • Whether this incident was down to human error or if it was a deliberate and planned malicious attack.

4. Mitigate the risks

With an IRT in place, you should also have backup and restoration plans, such as remote servers, to help minimise any downtime.

The mitigation stage also includes futureproofing your business against further attacks. Any vulnerabilities picked up during the investigation stage will be dealt with to prevent similar incidents from occurring.

5. Communication with stakeholders and customers

As determined by laws and regulations, the IRT will contact anyone directly affected by the cyber-attack. This might include individuals whose personal data has been compromised during a breach. If it’s necessary to do so, the IRT will then take responsibility for reporting the incident to management and authorities, such as the National Cyber Security Centre.

6. Paper trail and documentation

From the initial assessment to the documentation of communication, your company’s IRT will collate every stage and decision made during the cyber breach. This exercise ensures full transparency where decisions have been made earlier on in the attack whilst informing preventative measures later.

After an attack, any decisions and documentation are likely to be heavily scrutinised and will need to be in good standing if legal action is taken against your company.

7. Evidence gathering and handling

No matter the nature of the attack, companies may face legal action from either authorities or those requiring compensation. For companies to demonstrate they made the right decisions and protected any critical business data, they’ll need to accurately reflect this within their documents and risk assessments.

How can you be proactive before a cyber-attack occurs?

As we’ve already determined, cyber-attacks are the biggest threat to businesses across the UK. In 2022, a devastating 480 million personal records were breached due to cyber-attacks. So, how can you be proactive and help prevent a cyber-attack?

1. Invest in a cybersecurity provider

When a cyber-attack occurs, it can be difficult to know the correct steps and stages to follow. Fortunately, this is something that a cybersecurity provider can offer. They’re likely to help you build a strong contingency plan and cybersecurity strategy that actively addresses weak points within your infrastructure whilst also monitoring potential threats.

2. Ensure your servers have remote backup

To continue offering customers continuity of service, especially whilst the threat is dealt with, you’ll need a remote backup option that keeps your business operational.

3. Search for weak points in your workforce

This shouldn’t be a task that penalises any staff members with limited cybersecurity knowledge. Instead, it should be an opportunity for development and internal training. Identifying a need for further education can only strengthen your human firewall.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

SME Today talks to Sa’ed Anabtawi, Product Director, WOLF

What SMEs risk when their IT provider gets bought out

New Microlise Solution Unlocks Fleet Management Opportunities For SMEs

Comments are closed.

Follow SME Today on Linkedin and share all the topics you find interesting

The Newsletter

Join our mailing list for the best SME stories, handpicked and delivered direct to your inbox every two weeks!

Sign Up
Personal Pension offer
Events Calendar
    • Marketing
    August 29, 2025

    OneMetric forms strategic partnership with RevOps expert to drive UK growth

    August 28, 2025

    The Seven Phases of Festive Shopping and How to Target within Each Effectively

    • Finance
    September 3, 2025

    Five ways to monetise your business EV chargers

    September 1, 2025

    Are you flying blind on your most important business decisions?

    • People
    August 14, 2025

    A Life Worth Saving – A Tribute to Dame Stephanie Shirley CH, 1933–2025

    August 12, 2025

    Finance Director Returns As Judge For National Business Awards

    • Health & Safety
    September 2, 2025

    1 in 3 employees anxious about lack of first aiders at work

    July 1, 2025

    Temperatures Soaring: Is Your Workplace Becoming Unsafe?

    • Events
    July 22, 2025

    South West Expo Delivers Outstanding Event at Swindon’s STEAM Museum

    July 4, 2025

    £20k grant for female-founded SME up for grabs

    • Community
    July 11, 2025

    Building community, one cause at a time

    June 23, 2025

    Celebrating One Year In Fairford Supporting The Community

    • Food & Drink
    August 22, 2025

    How to get stocked by major retailers as an SME

    July 18, 2025

    Warning to Small Businesses Over New Food Waste Regulations

    • Books
    September 3, 2025

    New book on conquering fear of public speaking

    August 7, 2025

    Learning to Leave a Legacy in Business

    About

    SME Today is published by the same team who deliver The Great British Expos’. We have been organising various corporate events for the last 10 years, with a strong track record of producing well managed and attended business events across the UK.

    Join Our Mailing List

    Receive the latest news and updates from SMEToday.
    Read our Latest Newsletter:


    Sign Up
    X (Twitter) YouTube LinkedIn
    Categories
    • Books
    • Community & Charity
    • Education and Training
    • Environment
    • Events
    • Features
    • Finance
    • Food and Drink
    • Health & Safety
    • HR & Recruitment
    • In Profile
    • Legal
    • Marketing
    • News
    • People
    • Property & Development
    • Sponsored Content
    • Technology
    • Transport & Tourism
    • Wellbeing & Mental Health
    • ABOUT SME TODAY: THE GO TO RESOURCE FOR UK BUSINESSES
    • Editorial Submission Guidelines
    • Privacy
    • Contact
    Copyright © 2025 SME Today.
    • ABOUT SME TODAY: THE GO TO RESOURCE FOR UK BUSINESSES
    • Editorial Submission Guidelines
    • Privacy
    • Contact

    Type above and press Enter to search. Press Esc to cancel.