Cyber events, cyber-attacks, cyber incidents…the list of names for events where an organization’s system is compromised is never ending. Unfortunately, along with the long list of names, the actual events themselves are becoming more and more frequent and severe for organizations around the world. As you try and navigate the world of cyber-liability, cyber-attacks and cyber incidents, you may wonder how you can best protect your system and your organization from being a victim of an attack or mitigating the ramifications of an attack.
Along with strong risk management, security protocols, and a robust cyber insurance program in place to back up your business, having a Cyber Incident Response Plan in place can be very beneficial.
You may ask yourself, “What is a Cyber Incident Response Plan?” While there is not one definition for this term, the definition from www.infocyte.com, states “a cybersecurity incident response plan (or IR Plan) is a set of instructions designed to help companies prepare for, detect, respond to, and recover from network security incidents”.
Along with the IR plan, every organization needs to have an individual or team of individuals that are responsible and knowledgeable about their roles in the event of a cyber-incident. The team members usually come from different departments throughout the organization – ranging from IT, legal, communications, senior management, and more. These individuals should know their exact roles and responsibilities.
The average cost of a data breach in 2019, per IBM Security and Ponemon Institute, was $3,920,000. The report also stated that the average cyber incident response took an average of 279 days to identify and contain. Having a Cyber Incident Response Team in place is crucial in getting your organization back up and running and will help minimize the damage that a cyber-incident will cause. Many cyber-liability insurance carriers now offer cyber-incident response plan training and documents to assist in implementing this program.
If you have any questions on cyber liability insurance, or cyber incident response plans please contact your agent.