Responding To A Security Breach

Responding to a Security Breach

Does your Small business security program include a management plan that covers security breaches? According to recent studies, many organizations are ill-equipped to deal with a security data breach. In the last 12 months, hackers have breached half of all small businesses in the United States, according to the 2016 State of SMB Cybersecurity Report. Falling victim to a cyber-attack or data breach can have devastating consequences to your business. Some of the consequences include settlement payouts that can go up to $10 million dollars. It’s very important that organizations have an established and tested security breach management plan that can be used to respond to data security breaches. So how should you handle a Small business security breach?

Prepare before the incident occurs

Proper planning will help you respond to, contain, eradicate, and prepare for future attacks. Ensure your business has developed an incident response plan that documents the steps and procedures that will be taken when an incident arises. If your business already has a plan, it’s important to test that plan. Preparing for an incident may be the most critical function you can do.

Assemble a Taskforce

Your organization should have a team of knowledgeable individuals on hand ready to recover from an attack. Rigid Bits can support your team and augment staff to help your recovery efforts. The team should be defined, prepared, tested, and ready to respond should an incident occur. This includes members of upper management, legal advisors, and an incident commander who manages the recovery efforts.


The first job your security taskforce should handle is identifying the cause of the security breach and ensuring that it can be contained. Containing the breach will prevent additional systems and data from being compromised and will assist in stopping the breach sooner rather than later. This process normally entails resetting passwords, disabling network access, and taking steps to delete or recall information.

Assess the Extent of the Security Breach

After containment, you will need to assess the extent of the breach. This is usually done by checking and identifying who and what has been affected. It’s also important to find out how the data could be used against the victims. Administrators will also need to consider the context and scope of the breach.


In the case of a serious security breach, it’s important to have a mandatory notification protocol. This will not only help those affected to protect themselves, but it will also save you from losing valuable clients.

Prepare for Future breaches

Once you experience your first breach, it’s important to note all the key elements of the breach. Customers may understand an isolated failure, but repeated breaches will never be forgiven. Make sure you carry out a detailed post-breach audit to determine how your Small business security program can be improved.

Want to learn more about Security breaches and Small business security? Rigid Bits offers high impact security services designed for small and medium businesses. For more information on how to improve your business’s security, call us at 720-593-2487 today!

About The Author
Dustin Mooney

Dustin Mooney

Dustin Mooney is a co-founder and principal consultant at Rigid Bits. Dustin has been in Cybersecurity for 10+ years and has worn many cyber-hats from IT auditor, cyber threat intelligence analysts, incident responder, and forensic analysts. His blog posts are founded in the understanding and evolution of the cybersecurity industry and lessons learned while working with clients to solve their cyber challenges.

Let’s Discuss Your Needs

Our experience with hundreds of businesses across diverse industries provides us with the expertise to understand your unique challenges.