top of page

Creating a Cyber Incident Response Plan

Feb 16, 20232 min read

The way a company responds to a cyber incident can make or break its financial and reputational stability. In the event of a poor response, a company may encounter various consequences—including the exposure of sensitive data, compromised technology, widespread business disruptions, disgruntled stakeholders, lost customers and diminished market value. Fortunately, businesses can mitigate these damages through proper cyber incident response planning and a good cyber insurance policy.


So what goes into a good cyber response plan?


Effective cyber incident response planning requires coordination across a company.


A solid response plan should outline:


  • Who is part of the cyber incident response team (e.g., company executives, IT specialists, legal experts, media professionals and HR leaders)


  • What roles and responsibilities each member of the response team must uphold during an incident


  • What the company’s key functions are, and how these operations will continue throughout an incident


  • How critical workplace decisions will be made during an incident


  • When and how stakeholders and the public (if necessary) should be informed of an incident


  • Which federal, state and local regulations the company must follow when responding to an incident (e.g., reporting protocols)


  • When and how the company should seek assistance from additional parties to help recover from an incident (e.g., law enforcement and insurance professionals)


  • How an incident will be investigated, and what forensic activities will be leveraged to identify the cause and prevent future incidents


Cyber incident response plans should address a variety of possible scenarios and be communicated to all applicable parties. These plans should also be routinely evaluated to ensure effectiveness and identify ongoing security gaps. Through proper response planning, businesses can adequately prepare for possible cyber incidents and significantly reduce related fallout. It's also important that you have coverage for when a cyber-attack may occur; many business policies actually specifically exclude cyber now and require you to seek a separate, specific cyber policy. In need of a quote of coverage review? Call or click today and we'll be happy to provide a free, no-obligation look over your current coverages and quote what your business may be missing.



Comments

building front_edited_edited_edited.jpg

Hi, thanks for stopping by!

We aim to update our blog regularly to keep you informed of what's going on in the industry and our office. Want to see more? Subscribe below. 

Let the posts
come to you.

Email sig logo 2.png
bottom of page