According to a study by the Ponemon Institute, malicious or criminal data breaches on average cost victim companies $318 per compromised record in 2010.
Having a security recovery plan can make the process smoother and less expensive, to which Richmond has listed six critical steps to take if your business has been hacked. For example:
Find out what happened.
It’s important to get a full picture of what happened, including how the hackers got in, which computers and accounts were compromised, which data was accessed or stolen, Richmond says.
“The best route may be to contact your local, county or state police computer crimes unit and the FBI, which can do forensic analyses and provide valuable guidance,” she writes.
Seek legal advice.
“If you don’t have a special cyber-insurance policy that will provide an experienced attorney, you may need to hire one to navigate the legal issues,” she writes.
Richmond also advises that you may also be required to alert state authorities because there isn’t a federal data-breach notification rule.
Communicate early and often.
Quick and honest communication with affected employees, customers and partners — about what happened, what you’re doing about the problem and what they need to do, could be necessary to saving your business’ value.
For more on IT safety and security, read Richmond’s full post here.