Here’s what you can do to mitigate the damage caused by a cyber attack event by slowing or even stopping its progress.
While organizations do a lot to prevent a cyber attack event from ever happening, it’s become clear that no organization is bullet proof. In fact, one of the big cyber security trends that has taken hold during the last few years is the adoption of the assume breach model. This model is based on the idea that it is impossible to prevent all security breaches, so the organization needs to take steps to minimize damage when a breach does happen (and to deal with the costs afterward).
There’s a lot of information out there on what to do after an attack, but what should you do while the attack is in progress? In this article we’ll discuss what you can do to mitigate the damage caused by a cyber attack event by slowing or even stopping its progress.
Every cyber attack event is different, so there is no such thing as a checklist that is guaranteed to thwart an attacker’s efforts. However, there are some general things you can do to hopefully put a stop to the attack before the attacker can gain access to any type of personal information, credit card numbers or other high-value data.
If an organization detects a cyber attack in progress, it may be tempting to immediately shut everything down to try and prevent the attacker from gaining access to a target. However, the first thing you should do is verify the attack. In some ways, the idea of verifying the attack may sound silly given the fact that your intrusion detection and prevention system is alerting you to an attack in progress. Even so, there is always the possibility that the system could be producing a false positive.
Image Source: ITProToday