From days spent in Kindergarten, right up until your most recent fire drill at the office, we have been conditioned to respond to emergencies through repetition. Walk calmly to the nearest exit, gather in a pre-ordained spot, and account for everyone before notifying first responders of any missing associates. We have it all down, thanks to muscle memory.
But what about a cyber emergency? What must be done in that scenario? Who is responsible for each function? How do we know we’re being effective? Those muscles may not have ever been stretched, but it’s imperative that this happen.
Knowing what to do in the event of a cybersecurity incident is vital to protect sensitive and crucial data. Poorly coordinated responses not only have the potential to increase liability, but also can impact how insurance claims are paid following a breach.
Properly preparing for a cyber emergency includes:
- Identifying who needs to be on the response team.
- Describing each person’s roles and responsibilities.
- Knowing how to categorize an incident.
- Determining how to track milestones and save key evidence.
While most states require certain businesses to have written policies, actually practicing them is the only way to make those policies meaningful. Once a plan has been established, the organization should run tabletop drills, presenting various scenarios and measuring how the team responds in real time. Only through this kind of positive, productive repetition can the required muscle memory be developed to blunt, contain, and successfully recover from a cyber security emergency.
For more insurance-related information on this and other topics, contact the professionals at The Reschini Group.
Copyright 2021 The Reschini Group
The Reschini Group provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.