For more insights about building a robust cybersecurity program and how to identify, understand, and protect against cyber risks to your organization, visit zurichna.com/insurance/cyber.
Conduct a risk management review after the event, noting key takeaways and lessons learned to continuously improve your cybersecurity resilience.
Test recovery plans as often as possible and stage outage drills to get an accurate sense of the organization’s ability to recover.
Develop a Disaster Recovery (DR) plan for all major systems based on each one’s impact on the business. Include Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) that establish target timelines for when systems and processes will be restored so that you can minimize downtime and data loss.
Even the best defense may crack when hit with an especially advanced cyberattack. To rebound quickly and resume operations in full, have a recovery plan ready to go.
Recover
step 5
Analyze the incident to understand the threat’s full potential and document triggers for future reference.
Prepare a documented process that manages crisis communications to employees, customers, vendors, and the public. Make sure any communications are approved by leadership and delivered by authorized officials.
Create an Incident Response Plan (IRP) that explains how to identify, contain, and eradicate common cybersecurity threats and includes important contacts and recovery steps. Keep physical copies of the playbook readily available in the event of a network failure.
If you detect any unusual activity, act fast to isolate and mitigate the threat.
Respond
step 4
Establish a vulnerability management program that requires (at a minimum) monthly internal and quarterly external network scans.
Use a security information and event management (SIEM) tool to log data from all devices on your network, using automated analysis to spot anomalies and trigger appropriate responses.
Whether in house or through an external provider, invest in a 24/7 continuous monitoring service with a dashboard feature that immediately relays anomalies to responsible personnel.
Once you’ve established your defense, implement systems that detect attacks and negate them before they can do harm.
Detect
step 3
Conduct mandatory cybersecurity training and simulation exercises for employees during onboarding and throughout the year to ensure they’re aware of emerging threats, scams, and phishing attempts.
Regularly test your security defense to see if it can withstand an aggressive attacker and ever-evolving threats. If you see any vulnerabilities, patch them immediately.
Back up mission-critical data in air-gapped, off-site data stores unconnected to your network. This also means they can be used to restore data in the event of fires, floods, glitches, or hardware failure.
Require access controls, such as complex passwords and multifactor authentication (MFA), that challenge users to identify themselves when attempting to log onto a network, no matter where they’re logging in from. Only grant users the necessary access required to perform their specific job duties.
Invest in software, such as firewalls and intrusion detection, to protect networks and devices, and be sure to keep it updated.
After identifying critical assets, move to reduce the likelihood and impact of a potential breach.
Protect
step 2
When onboarding vendors, thoroughly vet their security practices before sharing information with them. Consider diversifying your vendor base to mitigate impact in the event that a particular vendor’s security is compromised.
Create an inventory of all assets (including hardware, software, and data) and rank them according to their associated risk and confidentiality level. Make sure any identifiable information, such as health data, can be easily modified or deleted to comply with data privacy legislation.
Establish a formal reporting process between cybersecurity and business leadership to discuss regulatory updates, vendor agreements, security strategies, roadmaps, trainings, and budgetary needs.
Conduct a cybersecurity risk assessment to evaluate existing safeguards and identify any holes that require immediate attention. Be aware of all devices that are connected to your network at any given moment.
Form an enterprise security team distinct from IT to actively fend off threats, monitor the cyber landscape, periodically review programs, and continuously test and update your policies. If you’re unable to build a dedicated group, consider Zurich Cyber Insurance Policy – Concierge Suite.
What are you trying to protect? Determine which processes, systems, and data are most at risk and implement the following measures to help keep them safe.
Identify
step 1
DOWNLOAD THE CHECKLIST
Cybersecurity Preparedness Checklist
Created with insights from Zurich North America’s cyber risk specialists, this tool can help ensure your organization has the protection it needs from cyberattacks.
As cybersecurity threats grow more sophisticated by the day, organizations must become equally sophisticated in their approaches to defend against them. With the right tools, training, and tactics, Zurich can help take your security to the next level—ensuring that your employees, customers, and stakeholders alike can navigate through an attack.
Created specifically for business leaders and based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework, this checklist from Zurich’s cyber risk specialists outlines actionable ways to enhance your digital security across your organization.
This content was compiled from sources believed to be reliable for informational purposes only. All sample policies and procedures herein should serve as a guideline, which you can use to create your own policies and procedures. Zurich North America (“Zurich”) does not guarantee any results and further assumes no liability in connection with this content and sample policies and procedures. The subject matter is not tied to any specific insurance product nor will adopting these policies and procedures ensure coverage under any insurance policy. Nothing herein should be construed as a solicitation, offer, advice, recommendation, or any other service with regard to any type of insurance product underwritten by individual member companies of Zurich in North America, including Zurich American Insurance Company, 1299 Zurich Way, Schaumburg, IL 60196. In the United States, risk engineering and risk management services are provided by The Zurich Services Corporation.