If your organization is compromised, you’re not powerless.

Brand Barney, Security Analyst, SecurityMetrics
By: Brand Barney
Small businesses are the target of many compromises. In fact, according to Symantec, cyber attacks on small businesses rose 300% in 2012 from the previous year.

Many business owners call us in a panic after learning their retail location or website has been hacked. Terrified, these merchants literally have no idea what to do.

But you CAN do something after a breach! Even though you’re not a security expert, there are a few To Do’s that might actually help reduce any compromise penalties you may encounter. I personally
know of a few instances in which the card brands (Visa, MasterCard, etc.) reduced compromise penalties because a hacked merchant acted proactively immediately following the breach.

SEE ALSO: What To Do If Your Business is Hacked, Step-by-Step

In the video below, I give some guidance on what you personally can do if you suspect a breach.


Want to see more vids like this? Subscribe on YouTube for more security tips.

Recap: what to do when you are hacked (or suspect you’ve been hacked)

  • Contain the breach to minimize its impact
    • Stop use of all compromised systems
    • Revert to telephone dial out terminals
    • Pull your online shopping cart offline
    • Disconnect the Internet. (If you are connected via modem, unplug the modem cable, if you are connected via Ethernet, unplug the Ethernet)
    • Change all passwords
  • Contact appropriate parties
    • IT staff, developer, and/or hosting provider
    • Merchant processor
    • Local authorities
    • Lawyer
    • Request a forensic investigator
  • Take advantage of your compromise reimbursement program

Have a business security question? Ask me below.

Brand Barney (CISSP, HCISPP, QSA) is a Security Analyst at SecurityMetrics, has over 10 years of data security experience, and will totally geek out if you mention Doctor Who. Brand loves to play jazz piano and daydreams about being as great as Dave Brubeck or Thelonious Monk. Connect with him on Twitter or check out his other blog posts.

0 comments