Axis Insurance Services Blog

Creating a Playbook on Cyber Breaches

Written by Drew Smith | Dec 12, 2019 4:00:00 PM

As the number of cyber breaches continue to spike, it’s imperative to create a plan to counteract and prevent lasting damage to your cyber infrastructure. Though its impossible to stop all attacks, there are many steps that you can do to prevent serious damage.

Among the many plans you should make, consider the following:

  • Investing in detection and monitoring services: These are normally your firewalls and computer security systems. Most companies do not have a specific purpose for finding malicious files. "We've seen so many attacks where the damage doesn't happen at the point of attack, it happens in the response" - or lack thereof - says Rocco Grillo, managing director of global cyber risk services at consultancy Alvarez & Marsal in New York.
  • Build a response plan: Creating and building a response plan is a great way to protect your business in case a cyber breach occurs. There's no excuse for failing to plan ahead. "Organizations need to realize they will no longer be judged for having a security breach, but they will be judged on how well they respond to it," says Brian Honan, head of cybersecurity consultancy BH Consulting in Dublin. "So preparation is key to surviving a breach and in protecting your brand.
  • Regularly review and update your plan: Cyber attacks happen daily. And as a result, the way these attackers get in are becoming more sophisticated. Your plans should be regularly reviewed and updated based on new information and new guidelines. Practicing in case of a breach also would help. Scenarios in which you should practice include: Malicious attackers, external hacks, physical loss of data, attacks against a company’s intellectual property
  • Practice paying ransomware attackers: Sometimes there are situations that you’re in a no-win situation with attackers. As much as you want to not pay attackers, if you don’t have the means for immediate recovery, you might as well take the loss. More cyber insurance coverages are starting to have coverages for such events.
  • Identify the stake holders: When a breach does occur, there are many people that need to be notified. People such as the senior management, the accounting department, your cyber insurance carrier must be notified when a breach is determined.[1]

Determining what to do when a cyber-attack happens is key to limiting the scope of your damage. Plan and train your employees thoroughly.

[1]