Strategies to consider if business data is stolen or compromised.

Hackers Attacked Your Company’s Network: What Now?

August 25, 2015 Tech4BusinessNow Article

Consider these steps if business data gets stolen or compromised in a data breach. Plus, how to handle your company’s network security going forward.

By Renee Morad

A hack or other attack on technology can be detrimental to any business—but particularly to a small- or medium-sized business that has fewer resources to fight back. Once company data is breached and falls into the hands of a cyber thief, an SMB is faced with the challenges of swiftly addressing the situation, minimizing financial losses, notifying customers, putting measures in place to prevent future attacks and working to rebuild the company’s reputation—which can take years to remedy.

If you think your SMB is unlikely to be targeted, think again: An estimated 71% of security breaches target small businesses, according to the National Cyber Security Alliance (NCSA). Meanwhile, almost half of small businesses have been victims of cyberattacks at one time or another, according to the NCSA.

“Small businesses should realize that the moment they open their doors, they become targets of convenience to hackers around the world,” says Ken Barnhart, president and CEO of IT consulting firm Occam Group, based in Edina, Minn. “Network security breaches are inevitable in today’s small-business environment.”

The problem is that many SMBs are unprepared for a data breach. “Most small businesses don’t have a plan when it comes to an attack on their technology,” says Eric Ebner, president and director of research and development at IT consulting firm Protocol 46, based in Saint Paul, Minn.

And SMBs often don’t have the resources to fully recover from a data breach. Fully 60% of small businesses that experience a breach go out of business after 18 months, according to credit-monitoring firm Experian.

However, there are steps SMBs can take to increase their chances of making a full recovery following a hack.

Containment measures

First things first: SMBs should know how to spot the early signs of a potential data breach. Any unusual computer behaviors—including slow computer response times, pop-up windows that are difficult to close or spam emails being sent by your account—could indicate that your PC has been infected with malware or has a virus.

If this happens, investigate whether there’s a chance that data has been compromised. If so, immediately inform the personnel responsible for your company’s IT system, Barnhart says. “They have the most in-house knowledge of your network and can take steps to isolate your ‘crown jewels,’ or valuable personal identification information,” he says.

For SMBs that don’t have an in-house IT expert to lean on, the company should seek qualified help. Ideally, the business owner found and vetted an expert before the attack—someone they can call at a moment’s notice. “Getting qualified help is the first step, and hopefully that small business already has someone they talked to and vetted that they can now turn to,” Ebner says.

Follow a step-by-step plan

Another key tactic is to have an incidence response plan in place—one that can be quickly implemented in the event of a hack or other attack on technology. The plan outlines the key steps to follow, so that the business isn’t scrambling to determine what to do next.

The plan’s specific steps will vary depending on your business’s size and type, but might include, for example, assigning an employee to be responsible for reaching out to an IT professional and a legal adviser in the wake of an attack. Another piece of the plan is to understand your network, including what devices are connected to it and who has authorized access.

“You have to know your network,” Barnhart says. “Without a thorough understanding of what you have and where it is, it becomes exponentially more difficult to create a solid data-breach incident response plan.”

Know your regulatory requirements

Although many SMBs might be lagging in the IT compliance department and don’t have an in-house compliance officer or dedicated team, it’s important to know what the regulatory requirements are in the event that a data breach occurs.

First, determine whether your company must adhere to HIPAA regulations or PCI security standards. In addition, most states have some form of reporting requirements.

“Different industries and different states have varying laws regarding your responsibility for addressing and reporting data breaches to the government and to the public,” Barnhart says.

Then, it’s crucial that the company notifies the affected customers and parties while adhering to regulatory requirements.

Consider a mobile wipe

If a device becomes lost or stolen and you’re worried about data being compromised, consider a so-called mobile wipe, or remote wipe, to protect sensitive business information.

According to a recent survey conducted by Penton and commissioned by Hewlett-Packard, almost one-third (31%) of survey respondents said they were “moderately interested” in the ability to remotely wipe from specific mobile devices. Another 14% said they were “very interested.”

There are several options for mobile wipes, Barnhart says, including a factory reset, full device wipe (generally more secure than a factory reset), and using a “containerized” app for business data. Still, even remote wipes are not foolproof. For example, savvy thieves might disable a device’s network connection before the remote wipe is ordered.

Take proactive measures

After an attack on technology is fully addressed, it’s critical that a company takes proactive steps to prevent future breaches.

There are certain key cyber security guidelines that every small business should know, according to Barnhart. Ideally, these guidelines are implemented as a first defense, long before a company experiences a breach or attack on technology, to best safeguard data:

  • Know thyself. “Maintain a hardware and software inventory and make sure IT has a network architecture plan,” Barnhart says. “If you know where your critical data is stored, then you know where to apply hardened security settings.”
  • Patch all of your operating systems and software regularly. “Those Microsoft Word patches are actually really important,” says Barnhart. “A huge number of security breaches occur because hackers exploit vulnerabilities that were actually fixed months prior.”
  • Hire a security or IT professional to run a vulnerability scanner and penetration testing on your network to provide quick feedback on ways to strengthen network defenses.
  • Invest in intrusion detection and intrusion prevention systems (NIDS & NIPS). “These security tools can be configured to monitor your internal network for suspicious activity,” Barnhart explains. “Firewalls are no longer reliable protection against cyber-attacks.”
  • Establish an information security plan and risk assessment to help business leaders make informed choices about acceptable risks.

This article was underwritten by HP: Introducing HP BusinessNow, the right technology to help your business grow. To register your business for a $25,000 tech makeover please visit: