Skip to content

Best Practices in Preparing for a Data Breach

October 14, 2015

On the hook for one of the most massive data breaches in U.S. history, the Target Corporation agreed to reimburse banks $67 million for losses.

Meanwhile, the Internal Revenue Service recently disclosed that a breach first reported in May is much, much worse than first thought, increasing the total number of potential victims to 334,000.

Though they make the headlines, bigger companies are by no means the only ones

Hacking Computer Security Threat and Protection

dealing with data breaches and cyber attacks. Research by the Ponemon Institute shows that incidents involving lost or stolen data are growing in number and hitting organizations of all sizes.

No matter how much business an organization may do online, the reality is that everyone is a target. When it comes to a data breach, it almost seems like it’s not a question of if, but rather of when one will occur.

Follow these best practice tips to help prepare for a data disaster.

  • Assess Your Cyber Risk
    You may not be able to completely eliminate cyber risk, but getting insight into your organization’s vulnerabilities is an excellent place to start. Our friends at Travelers have created a helpful online tool called the Cyber Risk Pressure Test. By asking roughly two dozen insightful questions, this tool paints a portrait of your company’s risk profile and shows where you stand in relation to peers. The tool offers recommendations and compares your risk to similarly-sized businesses in your industry and location.
  • Be Redundant
    Is your data backed up? Good. Is the backup backed up? Even better. Redundancy in digital data is a good practice, and can be made better by having some backups stored offsite or in the cloud, separate from your network. In addition to data, consider having a separate backup systems network in place, even if it’s bare bones. It could help you survive the initial days of an attack if your primary network is offline.
  • Know Your Response Plan
    Don’t start figuring out what to do as a crisis unfolds. Instead, have a written response plan in place and perform practice runs. If you’ll need outside expertise, reach out to consultants ahead of time and establish those relationships in advance. Allow for the consultants to learn your system and guide your thinking during the planning stages. Then, make sure the experts are on speed dial, just in case.
  • Know Your Communication Plan
    Organizations often forget that bad PR is how many data breaches truly cripple an organization. Do you have in-house crisis management expertise? If not, do you have a firm at the ready you can turn to? How you manage communications about an incident is just as important as how you handle the technical response. Ted Kobus of BakerHostetler offers some excellent in-depth crisis communications advice.

Still confused about Cyber Liability – give us a call at Founders Insurance Agency and we can walk you through the process.

Bryan Johnson

P&C Operations Manager

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: