General Action Plan

If you suspect that you are experiencing a cyber attack, it's important to take immediate action to minimize the damage. Here are some steps you can take:

  1. Isolate the affected systems: Disconnect any affected systems from the network to prevent the attack from spreading.

  2. Notify your IT team: Notify your IT team or security personnel immediately. They can help determine the scope of the attack and take appropriate action.

  3. Change passwords: Change all passwords associated with the affected systems and any other systems that share the same credentials.

  4. Gather evidence: Collect as much information as possible about the attack, such as when it occurred, what type of attack it is, and what systems were affected. This information can help in identifying the source of the attack and preventing future attacks.

  5. Contact law enforcement: If the attack involves theft or unauthorized access to sensitive information, contact your local law enforcement agency.

  6. Notify stakeholders: If the attack involves the compromise of customer or employee data, notify those affected as soon as possible.

  7. Restore systems: Work with your IT team to restore any affected systems from backups, and implement any necessary security updates or patches to prevent future attacks.

Remember, the key to responding to a cyber attack is to act quickly and decisively. Every minute counts, and taking immediate action can help minimize the impact of the attack and prevent further damage.

Last updated