What Are Your Responsibilities?
The first step in deciding how to respond to a cyber attack is determining what you may be required to do by law. There is no federal body of law in the United States that applies, but each state may have laws that determine your liability and who you must notify. If you operate overseas, such as in the European Union, you may have international laws that shape how you respond. Where your network was attacked or where the attack originated from are also important factors that can determine how you respond or what authorities you can contact.
When one of our clients has become a target of a cyberattack, we perform an exhaustive analysis to get answers to these questions. We can then determine what laws you are subject to and what your obligations are post-breach.
Determining the Extent of the Damage
If you’ve been hacked, you need to determine to what extent your network has been compromised. We bring in a team of industry-leading cybersecurity experts who can determine how you were attacked and what data has been exposed. Then we can determine whether your client or customer’s data is in jeopardy and what steps you need to take to protect them. Determining the extent of the damage is a critical step in deciding what steps you need to take in order to cure the breach and prevent further harm.
Depending on the size of your company and the information you have on your servers, your breach could very well be front-page news. A cyber attack could bring a tremendous amount of bad publicity and do serious damage to your reputation. We can help you get out in front of the crisis and make sure your message is heard before it is blown out of proportion or distorted by the media. We have deep media contacts in many major markets that we can rely upon to report fairly on your case. The goal is to restore public confidence in your brand and communicate that the situation is under control.
We also help our clients communicate with those clients or customers who have been affected by the breach. At times like these, we focus on communications that are direct and to the point without inciting panic. We work to make sure your clients understand what happened, what their options are, and what you are doing to protect them. We want to not only save your customer and client relationships but strengthen them.