Adopting a Risk Management Approach to Your Business

Doing business in today’s world doesn’t come without risk. Anything can happen, from a brief power failure resulting in two hours of downtime, to a days-long global technology outage precipitated by a CrowdStrike software update. How will you know what risks your business is most subject to, and how to mitigate those risks? Read on to find out what types of risks can threaten your company, and how to protect yourself.

 

Multiple Risks to Your Business

 

According to an article from CompTIA, risks come in various forms. Some are within a company’s control, and others come from outside. But all pose some threat to productivity, security or reputation, or to all of these. Types of risk include:

 

    • Strategic: These have to do with deviations from a company’s strategy or model. Using automation, for example, can benefit operations, even facilitating software updates. However, problems can occur if human oversight isn’t part of the process. 
    • Competitive: Negative consequences of a competitor’s actions, which can cause a loss of business for your organization. Even a competitor’s offering of a better product or service can negatively impact your business.
    • Compliance: This involves failure to comply with government data security regulations, and can involve data storage and even data breaches.
    • Reputational: Events that can damage your image and the public perception of your brand. A too-quick rollout of a product or service, a data breach, or a compromised website can affect trust from customers and other stakeholders.
    • Financial: This type of risk is anything that might cause loss of revenue. Loss of customers due to compromise of your company’s reputation, or downtime costs from even a brief system outage, can cause loss of earnings.
    • Operational: Anything that affects the operation of your business or other businesses that work with you. A faulty software update can have global consequences, as was seen recently. 
    • Global: Can include global conflict, supply chain disruption, or nation-state cyber attacks. 

 

Any or all of these have a potential impact on cybersecurity, though some are more likely. An outage can result in downtime (operational and financial risk), or a data breach (financial, compliance and reputational). Certain risks intersect, like financial, operational and reputational in the case of a data breach. Depending on how your company handles risk, your brand can weaken, or become stronger than ever.

 

How You Can Prepare

Assess and Document Your Biggest Risks

 

Prioritize risks most likely to affect your company’s operations, revenue or reputation. Your business may be more likely to be subject to risks of regulatory compliance failure than to global conflict. Any source of risk can impact your company, however unlikely it seems. 

 

Assemble a Strong Team

 

By including people from each department, your company gets different perspectives on what can happen and how it might affect your business. For instance, sales and marketing can point out risks posed by competitors. Your leadership personnel can watch for strategic risks. Anyone can be on the alert for social engineering (“phishing”) emails.

 

Prepare an Incident Response Plan

 

All the documentation and planning will go into an incident response plan. This plan comprises the most likely risks, an action plan for each, and the person or persons responsible for specific tasks. Such a plan will help you respond quickly and efficiently to possible disasters, or even keep a minor problem from becoming a major disaster.

 

Risk management is becoming a more common stance in companies all over the world. To learn about evaluating risks and developing a response plan, contact your trusted technology advisor today. 

This is (Not) a Drill: Practice Your Incident Response Plan

Much as your business will practice its plan for getting out of the building in case of fire, it also needs to practice its response to a cyber attack. Your response ideally will be nearly automatic, and the way to make it so is to practice repeatedly. Read on to learn more about an incident response plan (IRP) and practicing the response to a cyber attack.

 

The Importance of an Incident Response Plan

 

An Incident Response Plan (IRP) shares a close connection to a Disaster Recovery Plan, in that it outlines a company’s response to a cyber attack that results in a data breach. An effective plan is a “combination of people, process and technology that is documented, tested and trained toward in the event of a security breach.” The primary goals of the IRP are to mitigate damage (to data, network, revenue and reputation) and to get your business back up and running as soon as possible. For this to happen, every worker needs to know their role and responsibilities, including the first thing to do if a data breach occurs. For example, a worker gets a suspicious email that might be a “phishing” attempt. Do they know who to report it to, and also not to click on suspicious links? Depending on the size of your company, you may have an in-house team, or the response may be distributed among more than one team, each in a different location. No matter which approach you use, your IRP will document how you plan to handle an emergency.

 

Practicing Your Plan

 

Documenting what your company plans to do to respond to a cyber incident is a great start. Your workers need to be trained and your plan tested, so you know how well it works. By staging a mock incident such as sending a fake phishing email or testing your backups, you can determine how well your workers respond, and whether they’re prepared. Rehearsing the process for responding needs to happen numerous times, so the proper response becomes automatic. Not only that, frequent testing will help you find any flaws or weak spots in your plan and correct them, thus fine-tuning your response. Both planned and unplanned drills will give a good picture of your preparation.

 

Having an IRP in place is just the beginning. Practice makes your IRP as strong as possible. For help with your plan, contact your trusted technology advisor today.