Here's how to recover when your business suffers a cyberattack

Columnist Dean Swanson says prevention is the goal, but when a cyberattack occurs, there are steps you can take to recover.

Ask SCORE column sig
We are part of The Trust Project.

Data shows that some 76% of cyberattacks occur at businesses with under 100 employees. Cybercriminals know small businesses tend to be easy targets, and that accessing a small business’s computer networks often gives them access to client and vendor networks, too.

Last week, we saw how a small business can protect their business from these threats. This week, we'll look at some suggestions about best practices for device security then end with some suggestions regarding how to recover from a cyberattack.

Also Read
Columnist Kristen Asleson says strategic planning meetings are vital, but they need rules to keep them on track.
Columnist Dave Conrad says when the boss puts his daughter in a leadership role, it's in everyone's best interest if she's given ample opportunity to succeed.
Minority Owned Business Network offers resources, education and mentorship for minority business owners and aspiring entrepreneurs.

Here are some best practices for device security and steps you can take to secure your devices.

For computers and servers, choose a centrally managed, business-grade antivirus security solution so you can monitor all the devices on your network, restrict user access and enforce security policies. Consumer-grade products don’t provide enough protection.

Implement multiple layers of protection. Installing antivirus software on your computers alone isn’t enough. Look for an all-in-one cloud solution that provides endpoint, web security and email protection.


Isolate payment systems by separating your point-of-sale systems or credit card readers from the rest of your network by putting them on a separate network or firewall.

Restrict both physical and digital access to servers. All it takes is one malicious employee to wreak havoc.

Require two-factor authentication to log onto servers.

Update software, hardware and firmware regularly; set updates to install automatically.

Whatever device people are using be sure to change the default username and password, disable remote management, restrict access to specific addresses, require two-factor authentication, and update device software and firmware regularly.

When it comes to mobile devices, enforce passwords or passcodes on devices. And take advantage of biometric identification technology if available; it’s more secure than using a password.

Install security software on devices such as Wi-Fi routers and other network-connected devices like printers and copiers, etc. Use a separate Wi-Fi network for guests, and make sure to enable encryption using WPA2.

If your company was subjected to a cyberattack, there are a few things you can do to recover as quickly and efficiently as possible.


Respond. Turn off your computer, disconnecting your internet connection, or shutting down your router until you can assess the damage.

Restore your data from backup. Experts tell me that they suggest using the “3-2-1 Rule of Backup.” They do this: Always have three copies of backup. Store backup using two mediums (for example, on a hard drive and in the cloud). Keep one copy off site so a physical disaster at your location doesn’t wipe out your only copy.

Bring in IT experts to help if necessary.

Recover. Execute your disaster recovery plan. If you don’t have a disaster plan, now is a great time to create one. Look for free templates online that you can use as a starting point and adjust based on your business.

Attend to any breach notification requirements. Depending on your industry, you may be required by law to notify customers, vendors or employees affected by a security breach.

Evaluate existing and new technologies you can use to prevent future breaches. Are your current cybersecurity practices effective? If not, what can you add to better protect your business?

Here are some resources to learn more about cybercrime, develop a plan to protect your business from cyberattacks, and report a cyberattack.

  • SCORE.
  • Trend Micro Internet Safety for Small Businesses.
  • National Cybersecurity Alliance.
  • Federal Communications Commission.
  • Federal Trade Commission.
  • National Institute of Standards and Technology.
  • FBI Field Office Cyber Task Force.
  • Internet Crime Complaint Center.

Cybercriminals are crafty – but you can outsmart them by being aware of the risks and implementing cybersecurity best practices immediately. Educate your employees, implement a cybersecurity policy for your business, and put the proper protections in place. Taking these simple steps will help to prevent your business from becoming a statistic.
Dean Swanson is a volunteer Certified SCORE Mentor and former SCORE chapter chairman, district director and regional vice president for the North West Region.

What to read next
"We have adjusted our flying based on demand to the Fort Myers area in January as the region recovers from the hurricane. We will continue to monitor Florida’s recovery and demand for travel and adjust,” explained Sun Country’s Senior Director of Communications Wendy Burt.
New episodes are published weekly on Fridays.
With many changes to the building over the years, the former 7th Rib Supper Club, 301 Hwy. 63 South in Racine, will now become an event center for the town and surrounding community starting Saturday, Dec. 3, 2022.
Plans are moving forward to open a Uni Uni bubble tea franchise at 1227 Second St. SW., across Second Street from Mayo Clinic's Saint Marys Hospital. It’s expected to open in 2023, possibly as early as February.