11 Jun 2020

How to Create a Data Breach Plan

by JT Schlembach

Does your company have a data breach plan in place? If not, now is definitely the time to create one. Ransomware attacks are up 41% in the last year. The last thing a business wants is an incident that exposes confidential or protected information. What used to be a concern for a handful of industries is now a concern for everyone. When we think of creating a data breach plan, we need to think of how cybersecurity affects every business. One thing is certain – the smartest move a company can make is learning how to protect themselves before it’s too late.

Employees Are Working Remotely

During this unprecedented time, businesses around the globe are facing serious challenges. One of the most glaring is the ability for small and large enterprises to ensure the safety of their employees working remotely. Before the COVID-19 pandemic hit, only 3% of the US workforce had the capability to work remotely on a consistent basis. While that may seem like a small number, it accounts for 4.7 million workers. Now, a few months later, the number of remote workers has skyrocketed. In addition to creating the capability for remote work, employers are upping their cybersecurity programs and data breach plans and protections.

Ensure the Security of Your Team

The world’s business is now dependent on VPNs or other secured connections used by potentially thousands of people. With this in mind, it’s clear that cybersecurity practices, cyber insurance, and data breach response plans are necessary for everyone.

Creating a Cyber Breach Team

When a data breach happens, it is not only computer security systems that need to fight back and resolve issues – it’s a dedicated team of people. The response team should include the following:

  • Operations executives
  • Members of the Human Resources team
  • Members of the IT department

Educate the Data Breach Response Team

After gathering the right individuals, ensuring these members are educated on the current cybersecurity protection that is in place is the next step. Surely not every member will understand or remember every specific detail of how the cybersecurity system works, but that is not the point. The members need to understand the basics and key structural points regarding the system.

Breach Response Plan

The next step is developing a data breach response plan. The following should be included in the plan:

  • Identification process if a breach has occurred or is taking place
  • A process of how to directly communicate or notify the breach response team when a breach is discovered
  • Steps to gather data and information regarding the breach
  • How to contact your cyber insurer

The Benefits of Cyber Insurance

Most insurance carriers who currently offer cyber and technology coverage bolt onto the policy service the use of a breach response support team for their insureds. These breach response support teams are armed with technology and insurance professionals. They help companies investigate and identify if a breach did truly happen, and what actions to take moving forward including containing the breach and notifying the affected clients and customers. In essence, they make your breach response team even stronger.

Diversified has several cybersecurity insurance experts on staff who would love to help protect your business and answer any of your questions. You can find more information HERE.