What do I do if my business gets hacked?


With cyber attacks becoming more common and complex, the threat of an attack is a constant concern for businesses of all sizes. Whether you’re a small medium enterprise (SME) or a large corporation, the possibility of a breach is very real. But what can you do if it happens? The key is to be prepared.

Many businesses are creating breach plans to prepare for the possibility of an attack, but what is a breach plan and what should it include? We’ve written a blog to explain…

What is a breach plan?

A breach plan, put simply, is your business’s blueprint for responding to a cyber security breach or hacking incident. It’s essential to create your breach plan in advance, before any incident occurs, so, in the event of an attack, instead of figuring out what to do amongst the chaos, your well-though-out breach plan is there to provide a structured and organised approach to handling the situation.

What should a breach plan include?

Assigned responsibilities

A crucial element of a breach plan is a concise list of individuals or teams who will take control of the issue. It’s important to have designated named contacts for various roles such as remediation, internal and external communication and more. Knowing who is responsible for what ensures a coordinated response to the breach so the incident can be acted upon as soon as possible.

Steps to take

The breach plan should outline a step-by-step guide on how to respond, this will be particularly useful in the stressful event of a breach to break down the process of dealing with the incident into easy-to-follow steps. The guide should include notifying necessary contacts such as staff and, most importantly, your Managed Services Provider (MSP), who will likely already be on the case.

Contact information for your MSP

Your IT Support company (MSP) plays a crucial role in your breach plan. They are the experts who will have the access and knowledge of your IT setup to be able to help get you out of the hacking event. In the event of a breach, they should be the first point of contact, for this reason it’s crucial their details are in your breach plan so your staff can contact them immediately.

It’s likely that your IT Support company have dealt with similar events, they will be able to work with you to advise you on what to do, whilst their expert team are taking necessary steps to limit any further damage from the breach or hacking event and restore your data to get your business back up and running as soon as possible.

Where should I store my breach plan?

Storing your breach plan correctly is almost as important as creating one. After all, what is a good plan if you’re unable to access it when you need it? Here are some considerations you should have when thinking about where to store it:

Print it or store it on an offline media

In the event of ransomware locking you out from your data, or a complete loss of digital assets, a digital copy of your breach plan could be inaccessible. So, it’s important to store a copy of your plan on an offline media, such as a USB drive, or a physical copy printed and stored safely so you’ll still have access to your plan.

Physical safe

A good way to store an offline copy such as a USB drive or physical copy is in a physical safe, this provides a fail-safe option in case you can’t access it digitally during an attack, it also gives your plan a known location so staff can easily find it when it’s needed.

With your IT Support company

Your IT Support company are the experts who will have the access and knowledge to help you in the event of a breach, so it’s important that they have a copy of your breach plan. They are your go-to resource in the event of an attack, and having the plan accessible to them ensures a quick response.

Your MSP should have access to your breach plan to know who to contact and what steps you are taking. They also must be prepared to restore your backups, identify the hackers point of entry, and enhance your IT security.


In the unfortunate event of a breach, a well-structured breach plan can aid a swift, organised response. It can save your business time and money.

If you’re looking for where to start, consider speaking with your cyber insurance company, they specialise in risk management and can advise on creating a breach plan.

Don’t wait for a breach to happen, take proactive steps now to safeguard your business. By having a well thought out breach plan in place, you can minimise the impact of a cyber attack.

Here at Geeks, we have steps in place in the event of a cyber attack on any of our clients. Our expert team can step in as soon as possible to lessen the impact and work with your team to restore your business. At no extra cost, we have recently added EDR to our core solutions and rolled out EDR to all our clients compatible devices which can intelligently identify suspicious activities and potential security breaches, alerting our team immediately. We have also cyber security solutions available to our clients to strengthen their cyber security.

Looking for an IT Support company that strengthens your cyber security? Get in touch!

0117 325 0370