In the event of a cyber attack on your business, it’s extremely important that you remain calm and assess all the options you can take, to ensure the damage is kept as minimal as possible.
Everybody is susceptible to a digital attack, and the problem is certainly not endemic to large and notorious names. There are a few things you can do to both limit the chances of a cyber attack from coming to fruition, and to hinder its progress once it does strike.
Lawyers may not be the best solution to the issue, so the one solution to fit all approach of “contact you lawyer” isn’t as poignant when it comes to cyber issues. Having a lawyer notified of the problem is still a high priority, as they may be able to give you insight into the legal processes that may be involved with an attack of this kind.
A lawyer can be a valuable asset in the sense that whenever legal issues do arise, having a lawyer on stand by is essential for any business. Despite this, lawyers almost entirely have their hands tied in these kinds of situations, and may not be able to provide their services in full for any of the following reasons:
- Cyber attacks often aren’t traceable, and the legal actions normally afforded to a victim party won’t be as possible in these instances.
- If it is a criminal matter, your lawyer won’t have anything to do with the repercussions undertaken by the relevant authorities. Although you can have your lawyer present with you during any questionings that may take place, they can’t actively assist in the process.
Developing a strategy to combat cyber attacks, often times doesn’t require much assistance from a lawyer. Things like Domain security, general cyber protection, the ceasing of accounts in the event that they are compromised, and various other initiatives don’t really demand the assistance of legal teams.
A security plan should involve some specific actions, to ensure that the safety and integrity of your information is kept in the highest regard at all times. It should be a combination of prevention and resolution, as focusing on one or the other ignores the fact that both factors play equally important roles in dealing with an attack. Digital attack plan should include the following:
- If a network is compromised, plans should be in place to cease and shut down all operations and proceedings to contain the threat.
- A forensic team must come in to source the threat if possible, and to ensure all contaminants have been dealt with.
- Law enforcement should be notified, and complied with if the situation calls for it.
- Media should be notified if applicable, with a detailed and well designed notice on standby.
- Legal counsel should be sought out, to ensure every possible end is tied. (Although they are likely to be unable to assist you to the nth degree, it’s still important that you notify them of the issue to ensure every base has been covered)