Skip to Content
FDIC FDIC-Insured - Backed by the full faith and credit of the U.S. Government

How to recover from a cyberattack

  • Posted on September 08, 2021

When a business gets hit by a cyberattack, it can take days, weeks or even months to discover. What happens next can feel like a slow-motion train wreck. According to the 2020 Data Breach Investigations Report by Verizon, it takes an average of 280 days to identify and contain a data breach, and the costs can linger long after the incident.

The challenges are even greater for small businesses, because they often don’t have robust cybersecurity technology or a dedicated team to manage information technology (IT). Cyber-related incidents cost small businesses an average of $34,604 annually, according to the 2018 Hiscox Small Business Cyber Risk Report™. Reducing the time it takes to identify and contain a breach can result in significant cost savings.

Implement your IT disaster recovery plan

Having a plan to restore your data and information systems can help minimize the damage to your company. Your response plan should specify protocols for handling IT systems and restarting operations following an incident. The following tips can help your business act quickly and decisively to recover from a cyberattack or data breach.

1. Contain the threat. If your computers or networks have been infected by a virus, it’s important to act quickly to stop the spread. Run virus scans on all computers and tighten email security settings to block malicious emails. You should also change the settings for the firewall and update credentials of the affected system.

2. Assess the damage. Alert your IT staff and work together to determine what was lost in the aftermath of a cyberattack. Once you’ve confirmed the type of information stolen and the extent of the damage, you can respond accordingly with next steps.

3. Secure your passwords. Respond immediately by changing passwords and restricting network access. Set up multifactor authentication and require employees to use strong passwords and change them regularly.

4. Invest in technology. Make a plan to upgrade security technology with additional controls and layers of defense. Introduce software to prevent malware, ransomware and spyware attacks.

5. Back up your data. Store data in several places, using off-site and cloud-based services. Doing so can help you restore operations quickly without having to pay for a ransomware decryption key.

6. Audit your systems. Monitor the affected systems for continued suspicious activity and conduct a cybersecurity review of all systems. Doing so can help you plug security gaps in the future.

7. Review insurance coverage. Consider buying cyber liability insurance to protect against financial losses resulting from damage done by hackers or computer viruses.

If you’re planning to invest in cybersecurity technology and tools, United Community Bank can help secure the funds you need to make it happen. Learn more by calling us at 1-800-UCBANK1 (1-800-822-2651), or schedule an appointment online.

External Link Disclaimer

You are leaving United Community and being directed to a third-party site that is not maintained, owned or operated by United Community Bank. United Community does not control and is not responsible for the privacy or security practices of the third-party. By clicking “Accept,” you are requesting to be transferred to the third-party website. If you do not want to visit the page, you can close this page by clicking "Return To Site”.

Non-deposit products: are not insured by the FDIC; are not deposits; and may lose value.