Today, many small and medium-sized businesses (SMBs) are ill-prepared when it comes to cyber security, due to the growing sophistication of cyber threats and lack of in-house expertise.
In fact, 79 percent of small businesses do not have an incident response plan, according to the Cybersecurity Trends Report 2017.
A solid incident response plan is essentially a roadmap for reducing your business’ cyber security risk level and proactively minimizing damage. It is a detailed document that spells out exactly who owns what in the case of a security breach or data loss event, with communication guidelines and established protocol.
There is a lot of information out there on the internet, with Incident Response checklists, but the fact is, all of them ask the person doing the customization of that list (in order to make it useful in any way), to do a lot of work gathering details. You can’t just take a template and think you have a good plan. You have to walk through this as a serious exercise, and doing it with your management team and admins is a super important factor, if you want to be successful when the time comes (and we believe it will) when you need to use the plan.
Are you interested in creating a plan for your business? It only takes a few drafts and we have templates (including our own) to start with.
Oh, and you can save money on your Cyber Liability Insurance by telling your agent you have an Incident Response Plan in place, too.