If a cyber security incident should occur, here's a helpful list of key questions you need to ask yourself that will help shape your response.

These questions should help you respond to a cyber security incident. However, this is only part of the process you should be following.

Check out how to Establish an Incident Management Plan which includes; prevention, monitoring, triage, responding and resolution.

Emergency Incident Checklist

• Have you called the experts? Get specialist help if needed. Do not necessarily rely on family, friends or talented amateurs to diagnose the problem and solution - a specialist at short notice could cost you less in the long-term than getting your response wrong.

• Can you contact affected customers directly if required, and what will you tell them?

• What response is your business taking to rectify the situation? For example, resetting passwords, implementing new security procedures, remotely locking or wiping a mobile device, or temporarily suspending services and business.

• Does this incident require you to contact and advise the Policy, Privacy Commission, or other regulatory body?

• Who is on your emergency call-tree or incident management team and are these contact details up to date? It is critical to have cellphone numbers for outside working hours.

• Who is leading your incident response? For example, the first identifier, senior management, or someone else?

• Do you have a conference call number so all parties can share updates and progress with managing the response?

• Do you have or know media experts who can manage enquiries if required? This includes managing the situation on social media where the rules of engagement are different.

This is a high level process that can be adapted to suit businesses of all sizes.

Note: This guide is based on the model developed by the Computer Security Incidence Response Teams at the CERT Division of the SE1 [Alberts 2004].