What to do in case of a cyberattack ?
Aug 18, 2022
5/5 - (22 votes)

We propose below a synthetic methodology to help you manage a cyberattack on your entity (company, association, community or administration).

This methodology is divided into 3 steps :

The first reflexes :

  • Once the cyberattack is discovered, immediately alert your IT support (internal or external depending on the structure) in order to take the incident seriously ;
  • Cut off connections to the Internet and the local network so that the attack does not spread to other equipment or files that have not yet been damaged ;
  • Keep evidence of the attack in a file (messages, affected machines, etc.) ;
  • Set up a crisis management team in order to be able to implement actions according to the departments of your entity ;

Managing the crisis :

  • Put in place solutions so that your company can continue to operate as if there had been no cyberattack ;
  • File a complaint, highlighting all the evidence you have gathered in the first step ;
  • Notify the incident to the CNIL if personal data has been stolen (within 72 hours) ;
  • Manage your internal and external communication in order to correctly inform your customers, suppliers, employees, partners, etc ;

Exit from the crisis :

  • Once the cyberattack is under control, gradually get your services back up and running ;
  • Learn from the attack in order to be able to put in place action plans should another cyberattack occur in the following months ;

ONE GDPR, specialized in cybersecurity, can help you with these different aspects by offering various tailor-made modules.