AFTER

  • Continue to monitor the affected system(s).
  • Initiate measures to prevent future attacks.