How can a small/medium sized business recover from a cyber attack?

Speed is of the essence. You need to identify the breach. When did it happen? What sort of attack was it?