Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

How to Respond to a Cyber Attack

man looking at a computer server

This article originally appeared on IndustryWeek. Guest blog post by Traci Spencer, Grant Program Manager for TechSolve, Inc., the southwest regional partner of the Ohio MEP, part of the MEP National NetworkTM.

This article is the fourth installment in a five-part series outlining best practices when it comes to “Cybersecurity for Manufacturers.” These recommendations follow the National Institute of Standards and Technology (NIST) cybersecurity framework, which has become the standard for the U.S. manufacturing sector.

In part three of the MEP National Network five-part series on “Cybersecurity for Manufacturers,” we shared the mechanisms you can use to detect a cyber attack or an information security breach. Now that you are aware of the right tools to detect a threat, it’s time to plan your response strategy.

The Clock Is Ticking When a Threat Is Detected

Don’t wait for a hacker to strike before developing your incident response plan. For smaller manufacturers, even a small security breach can have an enormous impact on their operations. Taking action immediately will empower you to better contain or reduce the impact of a cyber attack.

Develop a Plan for Information Security Incidents

When developing your response strategy, consider the immediate actions you and your employees will need to take in case of an incident. 

Your response plan should include:

Roles and Responsibilities

  • Who: Make a list of who to call in case of an incident. It’s critical you know who will make the decision to initiate recovery procedures and who will be the primary contact with appropriate law enforcement personnel.
  • What: Make sure you have a plan for what to do with your data in case of an incident. This may include shutting down or locking your computer systems, moving your information to a backup site, and/or physically removing important documents and sensitive materials.
  • When: Determine when to alert senior management, emergency personnel, cybersecurity professionals, legal council, service providers, or insurance providers. Be sure to include all relevant contact information.
  • Type: Your response plan should clarify the types of activities that constitute an information security incident. Include incidents such as your website being down for more than a specified length of time or evidence of information theft.

Know Your Notification Obligations

Be aware that many states and countries have notification laws that require businesses to alert customers if there is a chance their information was stolen, disclosed, or otherwise lost. Familiarize yourself with international, state, and local laws regarding notification obligations and include that information in your response plan.

Also include instructions on when to notify appropriate authorities. You should contact your local police to file a report if there is a possibility that any personal information, intellectual property, or other sensitive information was stolen. You may even consider contacting your local FBI office, depending on the magnitude of the information security threat.

Most importantly, you and your employees should know your role in your cybersecurity response plan. Develop procedures for each job role that describe exactly what the employee is expected to do if there is a cybersecurity incident.

When everyone understands their role in your response plan, you can act swiftly and mitigate the potential damage. Once things are under control, you can implement procedures you develop to recover from an attack, a process we’ll outline in the final installment of our series on “Cybersecurity for Manufacturers” from the MEP National Network.

For more advice on cybersecurity best practices for manufacturers, contact the cybersecurity experts at your local MEP Center.

About the author

Traci Spencer

Traci Spencer is the Grant Program Manager for TechSolve, Inc., the southwest regional partner of the Ohio MEP. A member of the MEP National Network Cybersecurity Working Group, she recently completed...

Related posts


Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.