business Is Your Board Ready for a Cyber-Attack?: Part 2 August 22, 2016 Have you checked up on your Board regarding their cybersecurity initiatives and response plans? A weak system is a death sentence for your organization. Effective cybersecurity means everyone in your business is on board—especially your Board. Since the Board’s duties center around protecting customer information and company assets, cybersecurity awareness makes up a substantial portion of their job. Part 1 of our Two Part series on the Board’s cyber responsibility, suggests the following key items for your board to discuss when preventing and responding to cyber-threats: Full report of the company’s IT systems Enough time to discuss cybersecurity issues as part of agenda Access to technological expertise IT security budgeting IT insurance Check out the first part for more details on each tip. As promised, here are numbers 6-10 in our series. Make sure your board has implemented adequate: Physical security- Your board should conduct a cursory review of physical security of facilities (i.e. reception area, entry checkpoints, ID scanners, security cameras, physical logs of who goes in and out, etc.) Incident Response plan- It is crucial to have an incident, or emergency, response plan in place in the unfortunate event that your information is compromised. These plans handle incidents right after they happen, making sure the breach is stopped before it wreaks more havoc on the business’ system. Responding to a cyber breach needs to be fast, and having an incident response plan in place (that everyone is well-read on) ensures that your organization will have the knowledge and resources to make sense of the situation at hand, activate emergency response measures, and get the business back up and running. What should be included in the plan? – Responses depend on what kind of information was lost. Here are some valuable tips (but by no means is this a complete list!): Include a contact list that gives phone numbers of security personnel with system administration credentials and technical expertise as well as local authorities who can assist you in the event of a breach. There should be back-up contacts listed so that you have all your bases covered. Identify the number of customers affected and the extent of data loss within four hours. Your security team should have a clear picture of who might be responsible for the breach within 8 hours. Include key tools for use during the response (i.e., procedural guides, checklists, details on different roles and responsibilities, playbook charter etc.) Business continuity- Just as important as an incident response plan is for your organization, so too is a Business Continuity Plan (BCP). A BCP helps your company return to fully normal operations as soon as possible after a breach. More strategic in nature than an incident response plan, a BCP is an ongoing process that addresses productivity loss, physical damage and long-term recovery. Training programs- Keeping up with employee training is essential. New threats emerge daily, meaning frequent training sessions are necessary for all employees. Outside legal counsel- In the event that you are subject to a cyber-attack, you will want to be sure you have legal counsel on hand that you can contact easily. The legal ramifications of a breach can be devastating to a company of any size, making outside legal contact necessary for the success of your business. It is up to the Board to select counsel with good reviews and preferably, cybersecurity expertise and to have their contact information accessible at all times. The Board’s responsibility when handling a cyber-attack begins and ends with quick response and attention to planning. If you would like to learn more about efficient and effective cybersecurity awareness practices, contact us today.