Respond to a breach efficiently and legally with this guide.
Avoiding a breach is a great aim. But if you have been breached, what comes afterwards? CBR looks at some key steps for addressing the aftermath of an attack.
1) Discovering the breach
In an increasingly security-conscious world, there will be all sorts of alerts and indicators landing on an IT professional’s desk that could suggest a cyber attack.
For Dido Harding, CEO of TalkTalk, the latency issues from a distributed denial of service (DDoS) on the TalkTalk website were the first indicators that the company was under attack.
It could be an alert generated from a cyber security defence product, or could even be a ransom demand from an attacker.
Once one of these red flags goes up, it is important to act decisively and ascertain whether the company has genuinely been breached or whether there is some other issue responsible: often called the false alert problem.