Your business has been hacked? This is what you do now

The old saying that to prepare for peace is to prepare for war has never been more accurate than in the age of hack attacks. Fortunately, there are ways to protect your business.

It’s essential to have contingency plans in place if a business is compromised by a theft of information and to act quickly when you suffer a hack. Whilst a business can never really be fully protected from determined individuals who may unlawfully exploit sensitive information, steps can be taken to minimise the damage should a business ever be faced by such a scenario.

Whether large or small, no business is immune to the risks of being breached. There are many possible situations in which an organisation can be compromised, whether that be money going missing, the theft of intellectual property or sensitive customer information being used to gain commercial advantage.

The first 24 hours are vital for damage limitation, and knowing how to react may determine how much financial and reputational damage is done, so quick action is essential. When faced with a situation where the business has been compromised, the first step should be to contact trusted third-party advisers who can offer immediate, impartial and clear advice to help put contingency plans into action.

In some cases, for instance to stop money from leaving the country and/or to recover materials taken from your business, an urgent interim injunction may be necessary to protect business interests. It often surprises executives that court orders can be obtained without the opposition having prior notice. Such orders can be used to freeze bank accounts, search property and seize evidence, measures which are often thought to be available only in criminal prosecutions rather than commercial cases.

It is often recommended that an internal investigation is conducted. If so, it may be necessary to bring in other experts such as forensic IT specialists to conduct it. These teams can identify, preserve, recover and present insights concerning the key digital information available, as well as track activity on email accounts and servers. They often unearth the evidence used to pursue wrongdoers. This early digital forensic work is especially important if the scenario is likely to be the subject of a court case, as it lessens the risk of the evidence being compromised during the investigation.

The discovery of any kind of breach can have serious implications not only financially but also reputationally. When a crisis unfolds it is vital to focus on managing communication between the business, its people and its customers. By taking the time to explain and manage the situation and how it is going to be rectified, businesses will be looked upon far more favourably by their customers.

From a regulatory point of view, with the General Data Protection Regulation now in effect, reportable breaches must be reported to the Information Commissioner’s Office within 72 hours. Businesses should therefore ensure that policies and processes reflect these new regulations and enable the business to react within the deadline.

It goes without saying that prevention is better than cure and, in the case of dispute resolution, there are several actions businesses can take to mitigate risks and protect themselves. Steps such as conducting a gap analysis to highlight changes which need to be made to ensure the business is as well-protected as it can be, ensuring that financial and IT systems are secure, and putting policies in place to prevent any one individual from holding too much control can reduce the chance of a business being compromised.

However, risk is about risk management, not risk elimination. The reality is that there is only so much a business can do. A motivated individual or group determined to cause harm to an organisation is going to try their luck no matter how many obstacles are in their way. Consequently, one of the best ways to prevent employees from being dishonest is to plan for it and accept that it may happen at some stage. Should a situation arise, take firm, immediate action to send a clear message to the workforce that dishonesty will not be tolerated.

On reflection, people often realise that there were changes which may have been signalling unlawful behaviour. These could be anything from a change in behaviour or lifestyle to a change in work habits. Therefore, employees should be encouraged to speak up should they feel that something is amiss. Businesses may also wish to introduce policies which discourage fraudulent behaviour. One option is the enforcement of two weeks of consecutive leave, which may help businesses to detect fraudulent activity, as such a period away from the office makes it harder for an employee to conceal their wrongdoing, in particular financial impropriety.

There is no denying that the discovery of the business being put at risk is likely to have serious ramifications. However, by establishing strong relationships both within the business and the wider commercial network and having a robust incident plan, organisations can ensure that they are well-prepared and quick action can be taken should a crisis ever strike.

Richard Thorpe