The time between a cyberattack and final recovery can make or break your business -- a cyberattack can take days or weeks to resolve -- and there’s never a convenient time for such an attack to occur.
A well-designed incident response plan will allow you to address a cyberattack quickly and strategically. It can keep the attack from snowballing into a major disaster.
Make sure you have the components of an incident response plan in place.
Suppose a ransomware attack encrypts all your computers. Your cyber insurance company says their IT forensics team will arrive in the next morning.
Then it will take at least four to five more days to resolve the incident. Unfortunately, you need to cut your retiree pension checks in two days, and your members will be furious if they’re late.
So you pay the ransom, only to have the attackers demand more. Meanwhile, the clock is ticking on those pension checks.
Depending on how much of your system is locked out, your incident response plan should have triggered either:
Have questions? Get in touch.
These are some of the components of an incident response plan necessary to help you bridge the gap between the time a cyberattack strikes and when it is resolved:
Some incident response plan templates are available free on the internet. Some cyber insurance companies include them when you buy their insurance. But they all offer the same basic steps — contain, eradicate and recover from the incident, then resume normal operations.
The problem is none of the free templates address that third component — what do you do if it takes several weeks to resume normal operations?
You don’t have several weeks to spare. Start building your incident response plan.
Share this page