Many companies do not have an action plan for what to do when they have a breach of their network. Time is of the essence to discover both the severity of the breach and how to mitigate its impact.
Some simple yet essential steps:
1. Create an action and reporting plan to refer to when an incident or breach is suspected.
2. Designate a team of individuals - not limited to just the IT Department - who will have set roles when a breach or incident is suspected.
3. Designate an ultimate decision maker - and his/her - back up who will lead the response.
4. Understand the state and federal notification requirements.
5. Ensure you discuss with your insurance broker the correct coverage’s and limits needed to respond to cyber liability or data privacy situations.
Its amazing how many companies feel that they do not need Cyber Liability-Data Privacy coverage; “IT says we are fine”………If it can happen to Sony or CIT it can happen to you!
No comments:
Post a Comment