Search for insurance help

Five point Crisis Plan in case of a Cyber-Attack

Robert Cooper

Robert Cooper

CPR Insurance Services

  • Jul 09, 2020
  • Views: 1493
Business Insurance Cyber Insurance IT Services Insurance
It has been found that not too many Organisations have crisis plans in place to deal with a Cyber-Attack should it occur on their business.
 According to a recent survey, 84% of businesses expect the number of cyber-attacks to increase over the next two years. 39% of organisations did not have or were not aware of a crisis response plan for them to follow in the event of an attack. This is according to BAE Systems Applied Intelligence report "Business and the Cyber Threat: The Rise of Digital Criminality".
More education appears to be needed on the issues that can arise from an attack and how to handle such a crisis situation.
A cyber-attack on your business will happen at some stage. Perhaps some attacks will have only a minor impact but others may threaten the reputation of your organisation with clients or customers not trusting you with their information in the future. A poor response to these attacks will often worsen the fallout from a major incident.
Organisations need to have effective processes to identify attacks early and then respond to these in a structured and methodical manner. It also needs a clear allocation of responsibility.
BAE Systems Applied Intelligence suggests companies take into consideration these five points to make up a crisis plan:
1. Effective detection: Does your organisation have the right controls in place to detect targeted cyber-attacks? Is your business confident that the most sophisticated types of attack will be detected?
2. Formalising where critical information resides: Has your organisation established which information is its most valuable? Does your company know which departments, business processes, IT systems, suppliers and staff have access to this information?
3. Roles and Responsibilities: Are roles and responsibilities clearly made in the event of a crisis? A common problem is the lack of a clear chain of command for effective and timely decision making. A crisis will often require difficult decisions, such as at what point to turn off key systems or services, or engage with customers or media.
4. Access to specialists: Does your organisation have clarity over which specialist partners will be used in the event of a cyber-attack? Are these organisations on a ‘retainer’ so they can be called in at short notice? A common challenge for organisations is that they don’t have pre-existing commercial arrangements in place at a time when they need urgent support.
5. Testing the crisis plan: Are the plans periodically tested to ensure they are effective? Organisations should test the crisis plan to ensure there aren’t any gaps and share it with the entire organisation. Stakeholders should be made aware of their role in the event of a cyber-attack long before an attack takes place. 
These suggestions can be a good starting point in managing these risks. It is also possible to transfer many Cyber Risks to insurers with an appropriate policy. Speak to CPR Insurance Services about these exposures soon because we are your Cyber and Privacy Risk experts
BizCover

Management Liability Insurance

Management Liability insurance is designed to provide protection to both the business and its directors or officers for claims of wrongful acts in the management of the business.

Details Get Quote
BizCover

Business Insurance

A business insurance pack can provide cover for your business premises and contents, against loss, damage, theft or financial loss from an insured interruption to the business.

Details Get Quote
insurance.com.au

Business Package

Purchase up to six products under one Business Insurance Package. 

Details Get a quote!
These suggestions can be a good starting point in managing these risks. It is also possible to transfer many Cyber Risks to insurers with an appropriate policy. Speak to CPR Insurance Services about these exposures soon because we are your Cyber and Privacy Risk experts
Robert Cooper
QUESTIONS? JUST ASK

Robert Cooper

Send a Message
 
cyber attack
General Advice Warning: This advice is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is appropriate for you and your personal circumstances. Before you make any decision about whether to acquire a certain product, you should obtain and read the relevant product disclosure statement.

All information above has been provided by the author.


Robert Cooper, CPR Insurance Services, ABN 51 146 841 287, AFSL 238433

Related articles

Sponsored

Sponsored

21 Feb

The Cyber Insurance Market is Growing: What’s Behind the Increased Demand?

FD Beck Insurance Brokers

FD Beck Insurance Brokers

01 Dec

How Cyber Insurance Can Protect Your Business

Tudor Insurance Australia

Tudor Insurance Australia

15 Nov

COMBATTING CYBER THREATS: THE IMPORTANCE OF ACTIVE CYBER INSURANCE

Image Description
QUESTIONS? JUST ASK

Robert Cooper

Comments (0)

Related articles

Clear Insurance

Clear Insurance

07 Sep

What is Social Engineering and why is it so effective?

FD Beck Insurance Brokers

FD Beck Insurance Brokers

21 Aug

A Comprehensive Guide On Business Insurance

BizCover

BizCover

14 Aug

Cyber Insurance Fact Sheet

Related insurance brokers

Madeline Ollett
Review rating
8 reviews

Featured Featured

Madeline Ollett

Evergreen Insurance Solutions Pty Ltd

  • Typically replies within
    a day
    Abbie Wilson
    Review rating
    26 reviews

    Featured Featured

    Abbie Wilson

    National Insurance Brokers
  • Typically replies within
    a few minutes
    Laura Meyer
    Review rating
    58 reviews

    Featured Featured

    Laura Meyer

    MeyerInsure
  • Typically replies within
    a few hours