Cyber Event Planning – Hope is not a Strategy

Posted On:May 24, 2016 Updated On:December 13, 2022
Crisis Management, Disaster Recovery Planning
Cyber Event Planning - Hope is not a Strategy

When you’re contemplating cyber event planning and risk mitigation in an IT disaster, hope is not a strategy for mitigating risk.

For Business Continuity planners, data security has become a high priority element of the program. Audits have pushed this to the top of the priority list for many organizations. Even with all the data breaches over the past several years, many organizations are not prepared to react to a data breach. We have seen the entire continuum – from highly prepared for a breach (with formal plans, regular exercises, and technologies in place to prevent breaches) to a strategy of hope – we hope it does not occur.

Every security expert with whom we have worked says it is not if, but when, an organization will have some type of data exposure or cyber event. The cost of these breaches has grown year over year. A 2015 study by IBM and the Ponemon Institute calculated the average cost to organizations (350 companies in the survey) to be 3.79 million dollars. This is an average of $154 per record lost or stolen. Depending on the industry the cost can vary, with the public sector at $68 and retail at $165.

Organizations must make planning for and preventing data breaches an ongoing activity. It should be noted that a basic security penetrating code can be purchased for a little as 10–15 dollars on the web. These codes are not sophisticated, but the ease of access should cause everyone to pause.

Your planning should include the following:

  • Does your organization have or need cyber insurance?
  • What is your response plan in the event of a cyber event?
  • What is your communication plan?
    • Media
    • Social Media
    • Internal
  • Can you afford to shut down your online presence, your online commerce, or access?
    • For how long?
    • Are there portions that can be shutdown, still allowing critical or limited access?
    • Is there a decision point for shutting down access?

These should be identified in advance to allow the Crisis Management Team to make decisions quickly.

Cyber event planning is both a business and IT endeavor. As it relates to data breach or cyber event planning, hope is not a strategy.

Business continuity consulting for today’s leading companies.

Company

Services

Follow Us

© 2024 · MHA Consulting. All Rights Reserved.

Learn from the Best

Get insights from almost 30 years of BCM experience straight to your inbox.

We won’t spam or give your email away.

  • Who We Are
  • What We Do
      Business Continuity

      Business Continuity

      Crisis Management

      Crisis Management

      Disaster Recovery

      Disaster Recovery

      BCaaS

      BCaaS

      Program Augmentation

      Program Augmentation

      Training and Awareness

      Training and Awareness

      Discover our intuitive BCM software.
      Resources
      Learn from the best.
  • BCMMETRICS™
      Compliance Confidence

      Compliance Confidence

      BIA On-Demand

      BIA On-Demand

      Login

      BCM Planner

      BCM Planner

      BCM One

      BCM One

      See Our Software in Action

      Schedule a Demo

      Theron Long - BCMMETRICS Demo

      BCM Services backed by experience

  • Blog
Contact Us