Actions to Recover from an Attack
-
Utility
-
Collaborate with IT experts
-
Notify employees and customers if PII was compromised
-
Create an after action report (AAR) and an improvement plan (IP) based on the AAR
-
IT Experts
-
Remove malware, corrupted files and other changes to IT systems and restore IT systems
-
Install patches and updates and perform other countermeasures to harden the system against exploited vulnerabilities