Skip To The Main Content

How to respond to a cyber-attack

How to respond to a cyber attack_feature

Cyber-attacks are big news, with TalkTalk, Ashley Madison and Vodafone just a few of the high-profile cases of the last year. But as a start-up or small business, it’s easy to think you won’t be affected. Why would anybody target you? Plus, with so many other things on your plate, it’s hard to find time to think about cybersecurity, or plan for the aftermath of an attack.

If that sounds familiar, then you might be surprised to hear that nearly half (43 per cent) of all cyber-attacks last year were on small businesses and that 66 per cent of small firms were affected. Experts attributed the rise in part to small businesses being a soft target, without the funds, time or knowledge to defend themselves. 

Research also shows that the majority of businesses still aren’t taking the threat seriously, with 77 per cent of organisations unprepared for cybersecurity incidents. With the cost of a cyber breach standing at around £3,000, not to mention the long-term reputational damage, it is time to sit up and take notice. 

While cybersecurity is one thing, even with the best technology and security measures in place, sometimes you’re powerless to stop a breach. Which is why an effective response plan is essential, enabling you to control the situation as quickly as possible, with minimum impact to you and your customers. 

Yet, despite its importance, only 4 per cent of small businesses have a contingency plan in place. For those that don’t, a slow response is likely to mean greater damage, higher costs and a bigger dent on your reputation.   

Your response plan should include the following:

Finding out what happened

Speed is of the essence following a cyber-attack. You need to know what caused the breach, with a view to rectifying the problem quickly and ensuring it doesn’t happen again. As a small business, it is unlikely you’ll have this expertise in house, so have IT forensics experts on hand for if and when you need them. 

Your legal response

There are numerous legal issues to consider, including whether to inform the Information Commissioners Office (ICO) of the breach and defending your business against any claims of malpractice, as well as managing your approach to customers and the media. For this, you’ll need a good lawyer, ready to support you from the moment you’re aware of the problem. 

Handling media queries

You could be the focus of media attention following a breach, so be ready to handle all external communications about what happened and how you’re responding. Again, time is of the essence, so you’ll need to have statements ready to go as soon as possible. If you don’t have your own PR expertise internally, make sure you have external support – whether an agency or experienced consultant – on speed-dial. 

Informing customers

Depending on your customer base and the scale of the breach, you could have a lot of unpleasant phone calls to make! You’ll need to be ready with a way to handle this communication efficiently across numerous channels, including at least email and telephone. As a small business, this communication should be as personal as possible, but your lawyer will be able to advise on what you should and shouldn’t be saying. 

Make sure you’re covered

If the worst does happen and you’re facing the repercussions, your final line of defence is a watertight and specialist cyber insurance policy. Bear in mind that policies can vary significantly, so be sure to seek specialist advice regarding the best option for your needs and how these might change over time. Some insurance policies will also offer an immediate response plan and external expertise as part of your cover.

Finally, take note that the new data protection regulations coming into force in 2018 mean the potential impacts of a breach will become even greater, with fines set to increase to as much as €20 million. So make sure you’re on top of cybersecurity, before it’s too late.

Ben Rose is insurance director and co-founder of Digital Risks (