COVID-19 Information
Learn how your business can respond to COVID-19.   Learn More >

3 Best Practices for Updating Your Cybersecurity Response Plan

If you’re a small business with a cybersecurity response plan, you’re ahead of the game. Kudos! If your business hasn’t yet created a cybersecurity response plan, then stop what you’re doing and put it on the agenda.

The days of hoping you’ll be able to get by as a small fish in a big pond without becoming the victim of a cyberattack have passed. You need to have a plan for what you’ll do in the event of a breach, hack, or some other attack.

Even if you already have a cybersecurity response plan, it’s important to make sure your plan is up-to-date. The landscape changes rapidly in terms of what kind of threats are out there and the best ways to respond, so it’s worth it to revisit your plan every year, at a minimum, to make sure that it still makes sense.

There are other aspects of your plan that will require action more frequently, which makes updating your cybersecurity response plan all the more important. Here are the best practices for keeping everything current and what you can do next.

Update Your Plan with Responses to New Threats

Few people were talking about data breaches five years ago the way we do now, but over that timespan, the cost of suffering one has risen 12%—up to $3.92 million on average, according to IBM. As the number of data breaches grows each year, it’s important to stay on top of new threats and have a plan for how to deal with them.

As new threats arise, your team needs to assess how dangerous they are to your business, what you can do to mitigate them, and what response you might need to have if the worst-case scenario were to play out. Your plan should always be in process. Hackers are always coming up with new ways to pull off old tricks, so make sure that you’re ready to respond accordingly.

Read the News

When looking at what’s working and considering how to update your cybersecurity response plan, an easy way to get started is to take a look at the news to see what new approaches have recently succeeded against other businesses. If a hack works once, there will be people lining up all over the internet to try it again on a new target.

If, for example, you notice that spear-phishing attacks are on the rise, then you’ll need to adjust your cybersecurity response plan to have more upfront training to help your team separate the good emails from the bad ones. You’ll also need a plan for addressing a data breach accomplished in this way, which probably means specific action steps for changing logins and limiting the damage to certain accounts.

You don’t need to completely upend your cybersecurity response plan with every new piece of news. In our spear-phishing example, you’re probably going to respond to a data breach in more or less the same manner no matter the source, but how you try to protect yourself in the first place and what you do immediately following an incident are likely to be different. Focus on how to differentiate between what you need to change and what you need merely to adapt, and you’ll be in great shape.

Practice Your Cybersecurity Response Plan

One of the easiest ways to test out your cybersecurity response plan is to run a crisis simulation and see if everything works the way you think it’s going to work. In Deloitte’s “Crisis management for the resilient enterprise” study, they found that while almost 90% of businesses were confident in their ability to withstand a cyberattack, only a little over half had actually run a simulation to prove it.

Running a crisis simulation can certainly be daunting. You have to find someone to play the role of the adversary for your business, and you have to take time out of your day to run the simulation that could be spent doing any number of things. At the same time, there’s no more valuable exercise than actually practicing what to do and how to do it.

Practicing lowers response times and empowers your team to act decisively in the face of a real attack. What’s more, you can more accurately judge where your cybersecurity response plan is lacking and take steps to fix it before something actually goes wrong.

What You Can Do Right Now

Making a cybersecurity response plan for your small business isn’t easy, especially because it needs to be able to shift over time to react to changing threats and the ever-shifting technology landscape. While you’re already ahead of the game if you’ve developed a plan, it’s important to make sure your business occasionally reviews what you’ve set down on paper and updates it appropriately.

Make sure, too, that you actually practice your plan with some form of crisis simulation, so your team knows what to do before something actually goes wrong. Here’s what you can do right now to make that you keep your cybersecurity plan up-to-date.

    • Factor new risks into your plan to figure out what needs to be updated and what can stay the same.
    • Read the news to look for trends and shore up your defenses where you’re most vulnerable.
    • Practice your plan with crisis simulations to make sure your team is ready.