Business steps to take after a cyber data breach

It’s not a question of if, but when, a business will experience a cyber breach, which means it’s vital to be prepared before one happens.

The first step for any small business experiencing a cyber breach is to enact its cyber security incident response plan. Yes, you should have a plan!

“If a cyber breach happens, don’t touch anything, call for help. Engage professionals at the first sign the system has been compromised. They will be able to triage the situation and provide advice about the nature of the event.”
Steadfast Technologies’ Chief Information Security Officer, Alexander Moskvin

This means that having a relationship with cyber security experts in advance is vital so you can act immediately should a cyber breach occur. The right level of service for your business will depend on its nature and budget.

  • Some businesses may only require cyber security support during business hours.
  • Other businesses will need access to 24/7 support. This is particularly important for businesses where not being able to access their data for a period could have a significant revenue impact. For instance, let’s say a restaurant is the subject of a ransomware attack on a Friday and so can’t operate over the weekend. Around-the-clock cyber security support may be essential so it can trade over the peak weekend period.

Cyber security incident response plans for small business

It’s an age-old adage that remains all too true today: if you fail to plan, then you plan to fail.

The federal government has published a guide detailing the steps to follow when a cyber breach occurs. This is a great place to start designing your incident response plan. While the government’s guide may be too comprehensive for many small businesses, it contains numerous elements every plan should include.

A one-page plan will be sufficient for most small businesses.

  • If you have cyber insurance, you need to notify your insurance company.
  • Your plan should also include service provider contact numbers to call when a breach occurs.
  • It may be appropriate for your plan to also include a protocol for notifying people in the business and under what circumstances. For instance, as a business owner, you may require immediate notification if the breach involves your customers’ personal data. But you may not necessarily require notification if a virus has merely been detected and has not yet entered the system.
  • It’s also often essential to outline the method of communication for different breaches. In the example above, the plan may state you should be notified by phone if customers’ personal data is involved in the breach. But if a virus is detected, email or SMS notification may suffice.

It’s up to the individual business to work through a range of different scenarios and to define what constitutes a high-risk and low-risk notification to senior management. A traffic light system where different scenarios are classified red, amber and green can be useful.

Steps to follow after a cyber breach

During a cyber security event, it’s vital to follow the guidance of your cyber security experts.

“Often what happens is users click on a message or pop-up window that says the company’s information has been encrypted and clicking a link will reveal instructions to get access to the data. But this may be just a threat and the system won’t yet be infected. It’s only when the link in the message is clicked that the system will be infected.”

If a compromise is confirmed, it may be necessary to notify affected individuals or companies, or even the Privacy Commissioner.

Small businesses must have an incident response plan so they know who to contact in the event of a cyber breach. This will help them to reduce damage and get back on their feet as soon as possible.

Specialist cyber cover

Depending on the nature of your enterprise, it may be wise to take out specialised cover.

In today’s world, cyber insurance is fast becoming a must-have, particularly for businesses that handle and store customers’ personal data.

Cyber-attacks and data breaches are a common occurrence – and they can be extremely disruptive and damaging. Cyber cover can help mitigate the costs associated with data breaches and privacy violations. Without it, your business may struggle to recover from a significant incident.

Insurance can help safeguard start-up businesses against unexpected damage, disruption and disaster. If you need help to determine the type and level of cover that’s right for you, contact Whitbread today.

T: 1300 424 627
E: info@whitbread.com.au

Important notice
This article provides information rather than financial product or other advice. The content of this article, including any information contained in it, has been prepared without taking into account your objectives, financial situation or needs. You should consider the appropriateness of the information, taking these matters into account, before you act on any information. In particular, you should review the product disclosure statement for any product that the information relates to before acquiring the product.

Information is current as at the date the article is written as specified within it but is subject to change. Whitbread Insurance Brokers make no representation as to the accuracy or completeness of the information. Various third parties have contributed to the production of this content. All information is subject to copyright and may not be reproduced without the prior written consent of Whitbread Insurance Broker.

This article is not intended to be personal advice and you should not rely on it as a substitute for any form of personal advice. Please contact Whitbread Associates Pty Ltd ABN 69 005 490 228, License Number 229092 trading as Whitbread Insurance Brokers for further information or refer to our website.
