Skip to main content

A data breach or cyber attack could have serious consequences for a business, including reputational damage, loss of customers, and financial losses. Recovering from such an incident can be difficult, especially if sensitive data is exposed.

Here’s how to best respond to a data breach:

1. Contain the Data Breach

Once you have identified the breach, you need to start collecting evidence. This evidence includes system logs, intrusion detection system alerts, and network traffic data. This data will help you understand how the breach occurred and who was responsible. Collecting this evidence can be time-consuming, but ensuring you can effectively respond to the breach is critical.

There are a few things to do to contain a data breach immediately. Disconnect your internet, so the breach is not continuing. Disable remote access so no one else can get in. Maintain your firewall settings. Install any security updates or patches that are pending. Change passwords.

If a data breach occurs and your passwords are affected, you should change them asap. Create new passwords for every account, and don’t reuse passwords on multiple accounts. This way, the damage may be limited if there’s another data breach in the future.

2. Identify Those Affected By the Breach

If you are affected by a wider attack that has impacted multiple businesses, stay up to date with information from reliable sources, so you know what to do next. If you are the only victim, you will need to figure out what caused the breach at your specific location, so you can work to prevent the same type of attack from happening again.

You must check your security data logs to determine how the data breach occurred. This will help you determine where the breach came from and how much damage was done. If unsure how to proceed, you may need to hire a qualified cyber investigator.

3. Craft a Data Breach Notification Response Plan

Since there has been a data breach at your company, notify your managers and employees immediately. Let your staff know what happened and the steps to mitigate the issue. Define clear authorisations for team members to communicate on the issue internally and externally. Remaining on the same page with your team is crucial while your business is recovering from a data breach. You may consult legal counsel to determine the best way to inform your customers about the breach.

If you have cyber insurance, you should notify your carrier immediately after a cyber attack. Cyber insurance is designed to help you recover from a data breach or cyber security attack, and your carrier will be able to help you with what to do next. Suppose you don’t have cyber liability insurance. In that case, appointed agents can help you select a policy that will cover the costs of future cyber incidents and help you identify potential cyber exposures.


There are a few key things you should do after suffering a data breach. First, you should assess the damage by determining what information was compromised. Next, you should take steps to protect yourself from further damage, such as by changing your passwords and monitoring your credit report. Finally, you should make sure to contact the appropriate authorities so that they can help you recover from the breach.

Rabbon is a cybersecurity company helping organisations minimise their cyber risks. Our highly experienced and professional cybersecurity consultants in Sydney ensure your organisation’s safety by identifying and mitigating key cyber risks. We can help your organisation become cyber resilient and to streamline your business operations. Get in touch with us today!

Leave a Reply