When a company is targeted by cyber criminals, which is more common than ever right now, it is crucial that they have a plan in place to handle it. Not only internally, but publicly as well. Clients and the general public want accountability when a data breach occurs. Whether the company has 10, 100 or 1,000 clients affected by a data breach, the effectiveness of their response can have a long-lasting influence on their reputation among their clients and in their industry.
The National Institute for Standards and Technology (NIST) offers a great outline for drafting a response plan for data breaches or other cybersecurity incidents. Their “Five Functions” system represents the five primary pillars for a successful and holistic cybersecurity program, in order to aid companies in thoroughly managing their cybersecurity risks. These five functions are as follows:
Identify
The Identify function refers to the development of an organizational understanding to managing cybersecurity risks to systems, people, assets, data and capabilities. Understanding the resources that support critical functions needed to identify related cybersecurity risks enables a company to prioritize their efforts and remain consistent with their risk management strategy and business needs.
Protect
The Protect function attributes appropriate safeguards and supports the ability to limit or contain the impact of a potential cybersecurity event. This includes educating and empowering staff members within the organization to be aware of risks, establishing procedures that focus on protecting network security and assets, and utilizing cyber liability insurance to protect the company financially in the event a cyber criminal is able to bypass the protections that are in place.
Detect
The Detect function demonstrates the appropriate activities that assist in discovering the occurrence of a cyber attack and enable timely response to cybersecurity events. In order to quickly and efficiently diagnose cyber attacks, companies need to implement data classification, asset management and risk management protocols that alert them when data appears to be compromised.
Respond
The Respond function relates to the appropriate actions that should be taken following the detection of a cybersecurity threat. This function is crucial in shaping the outcome for an organization after a data breach has occurred. A company’s response should include proper and thorough communication with staff, shareholders, partners, subcontractors and clients as well as with law enforcement and legal counsel as needed.
Recover
The Recover function highlights how an organization can maintain their plans for recovery and restore any capabilities or services that were impaired due to a cyber attack. Recovery should include a timely return to normal operations to reduce the financial impact from the breach and implementation of improvements to the organization’s data breach response plan based on what was observed in the previous incident.
While the chances of being targeted for a cyber-attack are quite high, a strong data breach response plan can help an organization quickly and efficiently mitigate the damage, allowing them to return to normal operations as soon as possible. For many organizations, the greatest danger of a data breach comes not from the breach itself, but from the aftermath. Between reporting the breach to the public and smoothing over the issue with clients, there are many ways in which a data breach’s costs can be compounded after the breach has been contained, all because of improper handling. Because of this, it’s important that your clients have a Cyber Insurance program that includes media liability coverage and post-breach remediation coverage.
About Connected Risk Solutions
At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at (847) 832-9100.
