Cyber-attacks – effective strategies for businesses

Responding to cyber-attacks

Digital forensics and incident response (DFIR) are subdivisions of cybersecurity. It is essential for companies to respond to a cyber-attack forensically in order to fend off the next attack and to emerge from it in a strengthened position. This is not only crucial to avoid future attacks and to identify attackers but also to fulfil legal requirements. A response also lays the groundwork for any insurance claims.  

Immediate measures in a cyber-attack – incident response

Incident response (IR) is an organised process to overcome and manage the effects of a cyber-attack. When an incident occurs, it is crucial to keep calm and to document the incident precisely. Note down what happened, when it happened and which systems were affected. Then inform your IT team, or if you don’t have one, an IR service provider. It is important not to attempt to go into crisis mode and try to deal with the impact of the attack by yourself. This can make the situation worse and destroy evidence. 

An IR service provider should be contacted if the situation gets out of control or if internal resources are not sufficient to cope with the incident effectively. An IR service provider can also provide support with crisis management issues, such as negotiations with attackers and communication with the authorities as well as with data protection issues such as stolen data.

How do preventive measures support cybersecurity?

Effective IR also includes preventive measures. These include:

-        regular security audits 

-        staff training, and 

-        implementing security policies. 

An IR service provider can help to implement and manage these measures. Prevention is often less expensive than having to react to a cyber-attack.

As an independent IR service provider, Grant Thornton will give you direct assistance on this number: +49 800 170 1000.