Partner Dan Healy collaborated on an article about mitigating the damage from a cyberattack for accounting firm BDO ahead of a BDO webcast on the same topic.
The Oct. 12 article, which was co-authored by BDO principal Mark Millard and BDO practice leader John Petzold, explains the steps a company should take to prevent and respond to a cyberattack.
A staggering 80 percent of organizations report having been the victim of multiple data breaches, according to the Harvard Business Review.
“A sophisticated resilience plan coupled with a well-structured insurance policy are crucial for dealing with the ever-growing world of cyberthreats,” the authors wrote. “Yet even with comprehensive planning, organizations experiencing a cyber incident still aren’t guaranteed a successful recovery. The best plans in the world require sound implementation to be effective.”
According to the article, organizations that want to effectively enact their resilience plans and navigate the claims process should develop a response playbook to react with organized speed; document everything as soon as a breach is discovered; quantify losses, including business interruption and additional expenses related to the incident; and structure cyber insurance policies to meet the organization’s needs.
Responding quickly and enacting a preplanned strategy are important, but that’s only the first line of defense. Cyber liability insurance is a critical component of successful recovery, but it’s not enough. Those organizations must understand their policy, including the types of coverage and their limits.
When organizations take the proper steps to react to a cyberattack, they position themselves to get the most out of their insurance policies, the authors noted. The trouble with the threat landscape is that it’s often not a matter of if a cyberattack will happen again, but when.
“It’s possible to turn the negative consequences of an incident into a positive, though,” they wrote. “By digging into the events that lead to a cyber breach and putting together the facts, organizations can enact policies and procedures to enhance their operational resilience and address areas of high-risk exposure that bad actors exploited.”
Read the full article here.