Through proper response planning, businesses can mitigate potential damages that may arise from cyber incidents. Yet, it’s important to note that cyber incident response planning requires coordination across a company. An effective response plan should outline:
- Who is part of the cyber incident response team (e.g., company executives, IT specialists, legal experts, media professionals and HR leaders)
- What roles and responsibilities each member of the response team must uphold during an incident
- What the company’s key functions are, and how these operations will continue throughout an incident
- How critical workplace decisions will be made during an incident
- When and how stakeholders and the public (if necessary) should be informed of an incident
- Which federal, state and local regulations the company must follow when responding to an incident (e.g., reporting protocols)
- When and how the company should seek assistance from additional parties to help recover from an incident (e.g., law enforcement and insurance professionals)
- How an incident will be investigated, and what forensic activities will be leveraged to identify the cause and prevent future incidents
Cyber incident response plans should address a variety of possible scenarios and be communicated to all applicable parties. These plans should also be routinely evaluated to ensure effectiveness and identify ongoing security gaps.
This Cyber Risks & Liabilities newsletter is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. © 2023 Zywave, Inc. All rights reserved.