Run an audit – Run a full network security audit to identify any other problems that may have happened as a result of the breach, or that existed before the breach. Companies can use automated auditing tools to complete this step, or they can hire a professional third party penetration tester to perform this part of the investigation as well.
Update software patches – As simple as it sounds, software patching is the best defense against a wide range of attacks. Check and update the patch level of your organization’s devices and software, including third party tools like QuickTime, Java and Adobe Reader or Flash.
Install missing security and visibility controls – There are several layers of security that many network administrators overlook when devising strategies for protecting networks from today’s blended threats. A legacy firewall alone is not enough. Businesses also need IPS, anti-virus, application control, reputation services, and many other layers of defense. Take this opportunity to beef up security controls and add additional power to your network security armory.
The clean-up process from a breach can be daunting and requires additional cost, time and resources – some investigations, particularly forensic investigations with the proper authorities, can even take months to complete. If a business is unfortunately faced with having to deal with this type of exploit, these steps will ensure the system security is strong and up-to-date moving forward, reducing the probability of a future attack.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.