[Webinar Recap] Cyber Breach Exercises: Bringing IT and the Business Together

Is Technology Alone Enough? Slide
Cyber attacks are one of the most prevalent forms of business interruption in today’s tech-friendly world. Currently, many businesses are fighting back by spending more on new technology to boost their cybersecurity. However, developing a sufficient response strategy to combat cyber attacks can be difficult since IT, BC/DR and crisis management have individual processes.

In our most recent webinar, Brandon Tanner, Rentsys senior manager, and Philip Bigge, VP of consulting services for Ripcord Solutions, provided insight on how to design exercises that help your business create a business-wide, cohesive cyber breach response strategy. Some tips from the webinar include:
  • Unify attendees in one location.
  • Separate attendees into teams with members of the same departments on separate teams (so every team has members from each department).
  • Create a balance of leaders and employees within each team.
To hear more, listen to the webinar here.

Cyber Insurance Is No Substitute for Business Continuity Planning

These days, the likelihood of a business experiencing a data breach or cyber attack like ransomware is at an all-time high, and this growing concern has led organizations to seek out solutions like cyber insurance policies to protect themselves against the threat.
Stamp of approval of insurance coverage

Although cyber insurance policies can cover some of the damage caused by a business disruption, they don’t always address some of the key issues that arise during a data breach, like the cost of reputation damage and loss of customers. In order to fully protect your business, a cyber insurance policy should be coupled with a thorough business continuity plan (BCP). Here are a few things to keep in mind about cyber insurance policies.

Payout Requirements

Before coverage can apply, businesses experiencing a breach have to meet certain requirements. In order to ensure that the incident isn’t something that happens frequently, many cyber insurance policies require businesses to wait six to 12 hours before the incident can be deemed a legitimate business disruption. Larger companies typically have to wait even longer due to the assumption that they can afford more loss before needing any aid.

Furthermore, cyber insurance policies don’t always provide reasonable coverage for ransomware attacks. Although this type of coverage — called “cyber extortion” coverage — varies, many times the policy deductible will cost more than the ransom amount. Others cover the cost of paying the ransom but require a business executive to agree to pay the ransom, which is strongly discouraged by the FBI.

Coverage Gaps

Every cyber insurance policy is different depending on the industry and size of the business, but the most common components of cyber coverage are errors and omission, media liability, network security and privacy. However, a few important areas that are not currently covered by cyber insurance are reputational harm, future revenue loss and the cost of IT system improvement.

Sometimes cyber insurance doesn’t even cover the full cost of a data breach. When the P.F. Chang’s restaurant chain was hacked in June 2014, the chain’s cyber policy only covered $1.7 million of the total cost. Due to some exclusions in the policy, the coverage did not apply to an additional $1.9 million that P.F. Chang’s reimbursed to Bank of America for charges made as a result of leaked credit card information.

Risk of Misinterpreting the Policy

If you have a cyber insurance policy in place, ensure that you understand what specifically is covered in the event of a data breach. Sometimes, even though a policy has cyber extortion coverage, it may not cover “first-party” costs like public relations expenses, profit loss during downtime and the cost of investigating the breach. Or in some cases, the policy will cover data breach costs only if the breach is committed by someone within the company’s walls or as a result of human error.

One example of a business misinterpreting its insurance policy occurred in April 2011, when Sony’s PlayStation network was hacked, causing Sony to lose $178 million in profits. Sony sought coverage from Zurich and Mitsui Sumitomo Insurance Company, which filed suit in New York state court, stating it was not obligated to cover the hack because Sony had misinterpreted a phrase in the insurance policy. The courts sided with Zurich, citing the fact that the policy requires the policyholder to commit the act, and Sony’s breach was committed by a hacker.

Cyber Insurance Works Best With a Business Continuity Plan

Although cyber insurance helps cover certain costs of a data breach, it’s not enough to completely support your organization in the event of a breach.

Business continuity planning requires you to identify weak points in your organization, such as out-of-date IT infrastructure, lack of an off-site data vaulting solution and employees who are uneducated about cyber security best practices. Proactively identifying these vulnerabilities ultimately helps reduce the chances of a cyber breach from occurring.

If your business is still affected by a breach despite your precautions, a business continuity plan helps mitigate the impact of areas cyber insurance doesn’t cover, like developing plans for managing the business’s public image after a breach, testing processes for getting systems back online and helping employees get back to work again.

What are you doing to improve cybersecurity in your business? Let us know in the comments.

Tips to Keep the Fourth of July Safe and Exciting

With July Fourth just around the corner, this week it seemed appropriate to focus on personal disaster preparedness. We've come up with a few ideas to help you and your family safely celebrate the holiday weekend.

Independence Day image Grill Responsibly

According to the National Fire Protection Association, there are approximately 8,900 fires caused by grills each year. In fact, just last month, a family in Oregon experienced a fire after leaving the grill unattended on their back deck. If you're grilling this weekend, be sure to supervise your grill to prevent any accidental fires.

Exercise Caution When Using Sparklers and Fireworks

When you consider that cakes bake at 350 degrees and glass melts at 900 degrees, a sparkler burning at a blistering 1,200 degrees is extremely dangerous. Although it's a fan favorite, take precaution with sparklers this weekend and make sure to keep a safe distance from others to prevent burns.

If you're shooting off fireworks (legally, of course), be sure to set them off a safe distance away from buildings and have a fire extinguisher nearby.

Be Aware of Burn Bans

Before firing up your grill or lighting any sparklers, find out if there are any burn bans in effect in your area. If there are, follow your state's guidelines when participating in Fourth of July festivities that involve fire.

Review these other firework safety tips to help keep your weekend injury-free.

SMEs Become Major Target for Cybersecurity Attacks

Cyber attacks have become an expensive and frequent danger to businesses of all sizes. The cybersecurity attacks that usually make headlines are ones affecting large businesses, but it turns out that 62 percent of all cyber attacks target small and midsized businesses.

Small and midsized enterprises (SMEs) are not lucrative individually, but automation has made it possible to attack them by the thousands. Because various SMEs are affiliated with larger organizations and may have access to the data of these partners, hackers may also see SMEs as a gateway to larger corporate networks.

SMEs tend to be easier targets than large companies, because their budgets are usually smaller and don’t prioritize cybersecurity. However, the cost for victims to recover from a cyber attack has steadily increased each year, regardless of the size of the business. Cyber attacks are expensive due to lost productivity and recovery expenses, which can cost a brand millions in public relations consulting fees, customer outreach efforts, advertising campaigns and liability suits.

The staggering cost of a potential cyber attack makes network security and a technical risk assessment essential for a business to prepare for and recover from a security breach. As the digital age continues, cybersecurity grows more important.

Take time to identify any weaknesses in your business’s cybersecurity and create a plan for correcting them. For more information on how to prevent cyber attacks, read our post “Five Ways to Thwart a Cybersecurity Nightmare.” 

Limit Downtime This Hurricane Season

Floods from hurricane destroy roads and office buildingsWith hurricane season now in effect, several large storms are already causing major flooding in Houston, TX. An estimated $1.3 billion in damages is slowing or temporarily halting business operations for many companies in the area.

However, instead of suspending essential business activities, one company is making the most of the recent floods. Houston-based independent electricity provider AP Gas & Electric (APG&E) used the surge of downpours as an opportunity to test its preparedness for the more considerable storms that are likely to hit in the coming months. By sticking to its predetermined business continuity plan (BCP), APG&E is able to continue providing electricity to its customers, saving the company time and money that would have been lost had it closed down.

If your business is on the coast, follow APG&E’s lead and make sure you’re prepared to minimize downtime in the event of flooding, storm surges, extreme winds and even subsequent tornadoes this hurricane season. Here are a few suggestions to help you start your BCP.

Create a Plan That Addresses the Entire Business

There’s a common misconception that business continuity planning only affects the IT department. In fact, whether you create a business continuity plan (BCP) internally or choose to outsource it, your BCP should involve plans for getting critical processes and departments up and running again.

If you already have a BCP in place, third-party consultants can provide an objective view of your business and make suggestions for your BCP so that your plan is effective when interruptions occur.

Business continuity as a service (BCaaS) uses the expertise of professionals to develop and manage a specific plan tailored to your business’s needs. With a streamlined course of action, your business will be able to remain operational in the event of a disaster.

Prepare Alternate Workspaces

Whether there’s physical destruction to your building, or employees and customers are unable to travel, damages from disasters can hinder your ability to maintain normal business activities in your primary office space. If you need to relocate business operations, make sure you have access to an alternate workspace as soon as possible.

Fully equipped alternate workspaces like Mobile Recovery Centers (MRCs) can be made available within as little as 24-48 hours of a disaster declaration, while fixed-site Business Recovery Centers (BRCs) can be made available within as little as four hours of a declaration. Once the alternate location is set up, your company can begin to successfully restore business operations.

Back up and Recover Your Data

Having access to your data and applications is imperative when disaster strikes. A fully managed and monitored cloud recovery platform will protect your IT infrastructure. With secure data vaulting and recovery, your data will be recoverable on- or off-site within your recovery time objectives.

Hurricane season is upon us, so make sure you take the necessary steps to prepare your business before it’s too late.

To see how another business remained operational during hurricane season, check out this post.

[INFOGRAPHIC] Why Employees Are the Leading Cause of Data Breaches

Employee data breaches have become a major concern in today’s corporations. An astounding 60 percent of companies believe their employees are not knowledgeable about potential security risks. 

Learn more about the leading cause of data breaches by checking out this infographic by Experian.

Infographic depicting the causes of data breaches

Data breaches are here to stay. To learn more about the harm they cause, read this post.

How Do You Maintain Business Continuity When Your Business Is Part of a Crime Scene?

Police crime scene tape close up
In April 2015, Baltimore, MD erupted in chaos as protesters stormed the streets following the death of 25-year-old Freddie Gray. Rioters showed no scruples about damaging physical property, and a Small Business Administration survey later estimated the damages at $9 million.

But while many businesses weren’t equipped to handle the disruption, one local service provider was prepared. Rather than shutting its doors while waiting for the rioting to subside, the business simply relocated its operations to a building it owned outside of the hot zone. The building was already equipped with tables and chairs, and the business worked with a third-party business continuity and disaster recovery (BC/DR) vendor to have office equipment shipped in within 24 hours.

What would you do if your business experienced an interruption due to a civil unrest, a terrorist event, workplace violence or other kind of event that might make your own organization or city a crime scene? Follow the lead of the Baltimore service provider and take these precautions: 

  • Have physical space ready. It could be a building you own, a previously contracted third-party building or a mobile workspace.
  • Make sure you have access to backup equipment, whether it’s your own inventory stored off-site or equipment that you’ve precontracted from a BC/DR provider.
  • Make a plan of action and test it. Creating a plan of action and testing it helps your employees know what to do in the heat of the moment and helps you fine-tune the plan.

Unfortunately, you won’t receive prior notice when a crime occurs on your doorstep. But with some advance planning, you can relocate your operations and protect your business. 

To learn more about integrating workspace recovery and IT disaster recovery to maintain business continuity, read this post.