Your company was hacked. You feel panic, embarrassment, anger, fear and confusion. But you must act quickly, logically and decisively to stop the bleeding and protect your business, your customers and your employees. The good news is you are not alone in this fight. A group of dedicated cyber security experts can help you stop the hack, strengthen your system to prevent a future attack, and mitigate the risk to your business. Here is who you should contact right away if you get hacked.
IT Professionals
Your first call should be to your IT team to stop the cyber-attack and figure out what went wrong. If you don’t have an internal IT team, there are outside experts (such as TrustedSec) who can help. Good IT professionals should be able to detect the source of the attack, the nature of the attack and what information has been compromised. They should also be able to end the cyber-attack and remove malware from your system. Additional, cyber security experts can also install further security measures to your systems to ensure another similar attack does not happen again. Again, priority one should be stopping the attack and making sure it doesn’t happen again.
Cyber Security Attorneys
At the same time, you should contact your trusted Cyber Security lawyer. There are many legal and regulatory consequence from being hacked. A good cyber security attorney can guide you through the various legal and regulatory obligations you must meet following a cyber-attack, including taking steps to notify concerned parties and government regulators. Attorneys can also help you mitigate your liability to potential lawsuits that often follow a cyber-attack. Lastly, cyber security attorneys can serve as a central resource for coordinating a cyber security incident response including putting you in touch with IT experts, law enforcement, and PR specialists.
Law Enforcement
Depending on the situation, it may be advisable to contact local law enforcement or the FBI following a cyber-attack. This may especially be true in the case of a ransomware attack. The FBI has specialized units dedicated to fighting cyber-crime and may be able to help your company resolve the cyber-attack. Companies may also have certain regulatory requirements to contact law enforcement in the event of a cyber-attack.
Insurance Company
More and more companies are obtaining cyber security incident insurance. This is a good idea as the risk of cyber-attacks grows. Putting your insurance carrier on timely notice is likely a requirement for seeking reimbursement on a cyber security incident claim and delaying the notice may be grounds for denying a claim. Again, consult an attorney to determine your obligations for making a cyber security incident claim.
Media Crisis Experts.
Cyber security incidents are often hard or impossible to keep quiet and ultimately the public may know there is something wrong. Having a skilled media specialist who handles responses to cyber security incidents can help assuage public fear and anger and reduce the risk to your company.
Bottom line, cyber-attacks are a fact of life. We do what we can to prevent them, but sometimes the best preparations are not enough. The most important thing to keep in mind in responding to a cyber-attack is not to panic and to immediately contact your trusted advisors for help. You are not alone in this fight. KJK is here to help. For assistance navigating a cyber-attack, please contact KJK attorney Michael Hoenig (MHD@kjk.com, 217,736.7247).