

Latest advice and support straight to your inbox SIGN UP
It's not always easy to tell if your business has experienced a cyber security breach. Attackers use a variety of ways to avoid detection, so that they can stay in your system long enough to harvest as much data as possible.
Unfortunately, many businesses that experience a breach won't immediately know about it. Sometimes, it can take months - and often longer - to realise that an attack has taken place. By that stage, attackers might have already caused significant damage to your business or customers. Learn about the impact of cyber attack on your business.
Detecting cyber attacks is a challenge even for the experts, but certain signs could indicate that a cyber breach or intrusion is underway. The following may all be warning signs:
If you have a business website, you should monitor it for any anomalies that may suggest that an attack may be in progress. For example:
See how to detect spam, malware and virus attacks.
Criminals are constantly searching for new vulnerabilities in evolving digital environments. It's worth staying informed about current and emerging threats. As well as keeping your systems, servers and applications up to date, you could also consider deploying breach detection tools, which may be more effective in rapid or early detention of threats.
Breach detection tools (also known as intrusion detection tools) can help identify threats inside your network. They are either software or hardware products capable of recognising active threats and alerting relevant security staff that they need to take action. For example, you can set up these tools to monitor the network and send an alert if they suspect:
These tools focus on identifying intrusions after they happen, containing and controlling the breach, and mitigating the damage. Many different products exist in the market, from open source tools to commercial packages. Read more about business data breach and theft.
Security and data incidents are becoming a daily norm for many businesses. No single product or method will give you a 100 per cent guarantee that your business' cyber defences will hold.
Before you detect an intrusion, you should consider and decide in advance how you will manage your response. It may help to develop a comprehensive cyber security incident response plan to help you contain and recover from any potential breach.
After you detect an intrusion or realise that a crime has been committed, you should report it to the relevant authorities. See how to report a cyber crime.
Follow other best practices for cyber security risk management in your business.