If your organization is compromised, you’re not powerless.
By: Brand Barney
Many business owners call us in a panic after learning their retail location or website has been hacked. Terrified, these merchants literally have no idea what to do.
But you CAN do something after a breach! Even though you’re not a security expert, there are a few To Do’s that might actually help reduce any compromise penalties you may encounter. I personally know of a few instances in which the card brands (Visa, MasterCard, etc.) reduced compromise penalties because a hacked merchant acted proactively immediately following the breach.
In the video below, I give some guidance on what you personally can do if you suspect a breach.
Recap: what to do when you are hacked (or suspect you’ve been hacked)
- Contain the breach to minimize its impact
  - Stop use of all compromised systems
  - Revert to telephone dial-out terminals
  - Pull your online shopping cart offline
  - Disconnect the Internet. (If you are connected via modem, unplug the modem cable; if you are connected via Ethernet, unplug the Ethernet cable.)
  - Change all passwords
- Contact appropriate parties
  - IT staff, developer, and/or hosting provider
  - Merchant processor
  - Local authorities
  - Lawyer
- Request a forensic investigator
- Take advantage of your compromise reimbursement program
Brand Barney (CISSP) is a Security Analyst at SecurityMetrics and has over 10 years of compliance, data security, and database management experience. Follow him on Twitter and check out his other blog posts.