Don’t Get Punched In The Mouth! Cyber Risk Planning

You know the saying “Everyone has a plan until they get punched in the mouth”, so what’s your plan?

Cyber-Risk Planning

Cybersecurity has historically been treated as a technology issue. However, cyber-risk must be managed at the most senior level, in the boardroom, in the same manner as other major corporate risks. The CEO must fully understand the company’s cyber risks, its plan to manage those risks, and the response plan when the inevitable breach occurs. CEOs must also consider the risk to the company’s reputation and the legal exposure that could result from a cyber incident. CEO fraud must be part of the risk management assessment. While this assessment is of a technical nature, it is more about organizational procedures.

Executive leadership must be well informed about the current level of risk and its potential business impact. This is rarely the case within organizations afflicted by phishing and CEO fraud. Management must know the volume of cyber incidents detected each week and of what type. Policy should establish the thresholds and types of incident that require reporting to management. In the event of an outbreak, a plan must be in place to address identified risks. This is another weak point in many organizations, yet it is an essential element of preserving the integrity of data on the network.

Best practices and industry standards should be gathered and used to review the existing cybersecurity program. Revise the program based on a thorough evaluation. One aspect of this is regular testing of the cyber incident response plan. Run a test of a simulated breach to see how well the organization performs. Augment the plan based on results.

Lastly, call your insurance company and go over the fine print regarding your coverage. If no cyber insurance exists, acquire some rapidly. Go over the details of cyber security insurance to ensure it covers the various types of data breaches and includes the various types of CEO fraud.*

Note: Normally human error like CEO fraud is NOT covered by cyber security insurance.

Forgive the delay on our posts… Next time, find out about training. Just like my 93-year-old mother says, “You learn something new every day”!

Think before you click!

Tina Louise ~ ~ 888.871.6584

