Actions to Respond to an Attack
-
Utility
-
Disconnect compromised computers
-
Notify IT experts
-
Assess damage to utility systems and equipment
-
Execute the utility Emergency Response Plane (ERP)
-
IT Experts
-
Review logs, take a “forensic image” of the affected IT system
-
Identify if employee or customer identifiable information was compromised