Assess the scope of the damage. This allows you to isolate the compromised systems and data and begin the process of determining the cause, nature, and extent of the attack.