How to Create an Incident Response Plan

By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow
Read other articles by this author

Data breaches are extremely common as technology continues to advance. Of those breaches, small and medium-sized businesses (SMBs) are a favored target for cybercriminals.

In fact, more than 70% of attacks target small businesses, according to the National Cyber Security Alliance, and as many as 60% of hacked SMBs go out of business following a data breach.

With the stakes so high, SMBs must be prepared to respond to a data breach in the event one was to occur.

You can offset the chance of an attack with training and security measures, but are you positioned to react if you are attacked? Having your business and team up to speed is essential.

Here are some tips for how you can get cyber response ready
First, take inventory of your assets. Do an initial asset audit and put a dollar value on each item. This will assist you in prioritizing your response efforts as well as knowing how one asset can affect others.

Second, assess your vulnerabilities. Where are you weak and where are you strong? This can be an extensive process but will allow you to not only make your business more efficient but also offset the risk of an attack.

Consider this as a starting point – how many employees do you have? Each one of those individuals represents another set of risks. Are you training them regularly? Do they know what a phishing email is and how it can endanger not only their individual cybersecurity but the business as a whole?

Unfortunately, we don’t always see the gaps in our processes and business until they are exposed, so try to run through a scenario with the entire group to gain input into how they would see it play out and would be affected. This not only allows you to see different perspectives, but it also reminds each team member how they contribute to the bigger picture, and how they can be a part of prevention.

Third, assemble a team. Be sure to get representation from all divisions of your business. Each individual should have a well-defined goal to not only improve group efficiency and input but also be a responsible and effective part of the response team should an attack occur.

Next, build an action plan. With input from your team members and the risks and assets defined, you can build a plan to respond to an attack as well as minimize the chance of that happening. Outline each step and include as much detail as possible. Get your workforce involved by asking for input and feedback along the way.

The more involvement your team has, the more likely it is that you will uncover and fix all risk and have their full engagement in case of an attack.

Enact dry runs and ongoing training programs to ensure that new employees are up to speed, and existing employees are well trained.

Continue to audit and evaluate your plan – including risks and assets on a regular basis. Doing a quarterly evaluation would be ideal.

As with most of the experiences in life, you can never be too prepared, and should an attack occur, the quicker you can react, the more likely you are to survive.

This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance. Learn more here.