What can you do in case you are subject to a cyber attack?
The cyber attacks are becoming more sophisticated, so it is necessary to have savvy and educated employees, no panic and give a prompt reply.
How?
1. The first step is to put together a prompt incident response group. This group has made up of members of your workforce and with consultants that can assist with responding to an incident. A group leader can be who has, in your organization, the authority to make decisions. It very important that decisions move very quickly once an incident occurs.
2. Implement a plan addressing how to respond to a cyber-incident. The plan should include such items as what security measures need to be implemented, how to back up the relevant data, and ways to preserve evidence and maintain documentation.
3. Review your Insurance Policy and your internal policy: It a good thing to have insurance coverage for cyber-incidents. Some general liability policies may provide coverage for certain costs and expenses. Review the insurance policies you have in place to determine what is covered, how it is covered and the steps that must be taken in order to obtain the coverage. Review and analyze your internal policy. Understand what is works and what doesn't work. If you haven't got internal policy it's time to get it (wake up you!).
4. Educate your Employees. Train employees on what cyber-incidents look like. Give them, with an IT expert, an example of a phishing e-mail, what not to do, and whom to call if an incident occurs. It important got employees well informed. An unintentional employee actions account for a significant percentage of data breaches.
https://www.linkedin.com/pulse/what-can-you-do-case-subject-cyber-attack-giacomo-breda/