Reliable Recoveries: How To Respond To A Cyber Attack

An ounce of prevention may be worth a pound of cure, but no cyber security prevention strategy is foolproof. Small businesses must have plans for how to deal with successful attacks. To help entrepreneurs develop such plans, the National Institute of Standards and Technology recently consolidated its emergency response tips into a single document, the Guide for Cybersecurity Event Recovery. According to this handbook, small businesses must have:

Contingency Considerations

The key to responding quickly to a cyber attack is to anticipate how such an attack is likely to progress. To do this, you must first study your firm’s IT systems and identify sources of vulnerability; you can then predict how a hacker or malicious program would attack you. Consider every possible form of attack, its likelihood of succeeding, and the nature and impact of the damage it would cause. You can then identify the resources and steps for a successful recovery.

Cyber Attacks

Bolstering With Backups

Cyber attacks often involve encrypting important information or locking you out of your devices. Redundant systems and storage are thus essential for a successful recovery. Begin by identifying all systems and types of information your organization needs to operate, ranking them in order of importance. Then obtain equipment that can perform the same functions and back up necessary data. Make sure not to network that computer with your primary systems, as that will expose them to the same risks. You should also keep redundant equipment physically separate and protect it with complex passwords and advanced anti-malware programs.

Staging Systems

In addition to helping you obtain unnecessary equipment, ranking your IT systems by an order of importance also makes it easier to plan recovery steps. After an attack, you will need to bring critical systems back online to continue operating. At the same time, you don’t want to reactivate all systems at once before you have thoroughly analyzed the attack, as some may still be vulnerable. Ranking allows you to restart operations in stages, bringing indispensable ones online as soon as possible while leaving less crucial things offline until you are sure they are safe.

Communications Concerns

After an attack, you will need to be able to communicate with service providers, vendors, and your company’s other departments. Not only can these other parties help you recover, but their systems may be at risk through association with yours. You should thus have a clear sense of whom you need to contact immediately, as well as how to get in touch with them if the attack compromises your ordinary communication equipment.

Public Presentation

Besides compromising your systems, a cyber attack can harm your brand image, making you look unsafe and irresponsible to customers. You thus need a plan for how to inform consumers about the attack, presenting the information in a way that does minimal damage to your reputation.

OffSite IT helps Chicago, IL and Southern California businesses protect themselves against cyber attacks and develop realistic response plans for attacks that do happen. Call (866) 828--6674 or email us at for more information.

Used by permission


I first hired John directly as an employee back in 1999.
He was an excellent addition to a growing team at a small technology company. Subsequent to the sale of the company, John branched out on his own and started an IT consulting firm. Since that time, I have not used anyone else. John is capable, personable, has integrity and is also very likable. I would recommend him without reservation.”

  Kevin DiCerbo   

Connect With OffSite IT

    • Los Angeles / Orange County 21520 Yorba Linda Blvd. Suite G417 Yorba Linda, CA 92887
    • Chicago 6912 Main Street Suite 214 Downers Grove, IL 60516
    • 1-866-828_-6674