Toolkit for Managing the Eventual Hack: Part 4 of 4
You have dissected your existing business insurance. You have "armored up" with cyber insurance to insulate and immunize the business risk. You have put internal controls in place to minimize risk. Even with all these safeguards, any business with computers is at risk of being hacked. So what more can you and should you do? You need a toolkit for managing an actual breach event. Any prudent business must deploy these simple steps:
- Analyze your data and business assets. What are the crown jewels or treasured assets of the business you need to protect?
- Educate yourself early on and often as to how you will manage a breach. Don't rely solely on IT to do this for you since they do not have the full business context. Are there regulatory requirements that mandate you to report a breach incident? If so, to whom? Will you share breach information with those outside the company? If so, how broadly and to what degree?
- Develop internal policies and communicate them to every person in the organization. These may be BYOD (bring your own device) policies, policies on email spam, policies on removal of business data, work-from-home or offsite policies, social media policies or any other policy necessary to minimize risk from your employees becoming unwitting attackers of your business data.
- Assemble an internal team who will be notified and who will assist to manage the crisis. Who needs to be on this team? Have you considered those needed to stop the breach as well as those needed to address the damage? What about those needed to preserve evidence?
- Draft an outside team of trusted advisors. These should include local law enforcement officials, forensic experts who can preserve the breached platform for investigation, public relations and communications experts, and attorneys.
- Develop a protocol and action plan for notifications and next steps.
- Practice breach scenarios. It is much easier to manage a breach if you put your team through several trial runs. Have your internal team think through the protocol and look for vulnerabilities. Test the protocol with your outside team of advisors and then fortify the action plan with what you learn. Make the trial runs a regular part of your culture.
With prudence, wisdom and constant vigilance, most businesses can tremendously diminish the risk of a cyber-invasion, and with a strong business/insurance partnership, most other cyber risks can be managed wisely.