Skip to content
"VC3 has made it easier than ever before for our local government to serve our citizens by providing us with modern web tools and a team
of talented and courteous professionals.
City of Valdosta, GA

Find All the Resources You Need

Our resources & insights includes case studies, client testimonials, guides, checklists, blog articles and more!

 

3 min read

Answers to Cyber Security Questions: What to Do RIGHT NOW

If you missed the Cyber Security Q&A Panel Discussion that we held earlier this month, you missed out on something big.

On November 6th, we had 56 business leaders join us for a live online event where experts answered burning questions submitted by our clients and local business leaders.

The panelists represented multiple disciplines so that we could cover cyber security and cyber risk from many angles - IT, legal, crisis and reputation management, and insurance.

Thank you to the VC3 team for putting this event together, and to our panelists - Crystal Rockwood from Rockwood Communications Council, Brian Reider from BBK LLP, Glen Carlson from McGriff Insurance Services, and Peter O’Campo with VC3. Don Pierro from Empower Lab did a great job moderating.

Even if you watched the event, you should check out the synopsis that includes the recording of the webinar, as well as a list of the top 30 questions and answers.

Here’s a link to the page: Cyber Security Risk Panel Synopsis & FAQs: What Business Executives Want to Know About Managing Cyber Risk

Turn Knowledge Into Action With This 3-Step Action Plan

Becoming informed about cyber security is definitely the first step that anyone should take if they want to improve how they manage cyber risk.

Then, it's time to create an action plan and start doing.  After all, you have to act on the information to make progress towards the better outcome you want.

Here’s how I would distill the information that the panelists shared:

  1. Conduct a cyber security assessment on your network. You need to know where someone can break in and what they would have access to if that happened. An assessment will reveal your risk points so you can make an educated decision on what to do next.
  2. Evaluate your risk and determine if you need insurance coverage. Check your current policy to see how cyber risks are addressed. It’s possible you might already have the coverage you need.
  3. Create a cyber incident plan BEFORE an intrusion happens. This should include a communications plan that details who to notify and in what order. The industry you’re in will determine who you need to communicate with.

Cyber Forensics – What You Do Now Will Help Later

The panel discussion touched on something that I would also add to any action plan – cyber forensics. Cyber forensic teams are enabled with software tools that can retrace the events leading up to a cyber attack.

You're probably thinking, "Good to know that if something happens, I'll call them and they'll see what happened."

Yes, they'll look back at the information that's available, but there's one critical piece that's often overlooked. These enterprise security and cyber forensics tools need to be in place BEFORE anything happens...so the time to get them going is NOW.

The purpose of cyber forensics is to learn how an intruder got into your network so that you can determine what damage was done and prevent the same thing from happening again. This means that in a major cyber event, the first thing you need to do is to stop the spread, “preserve the crime scene,” and call in a cyber forensics expert.

That can be counter-intuitive in the moment when all you’re thinking about is getting back to work. If you immediately start restoring, you risk losing evidence that you might need to get paid for your losses.

Insurance will want to know how the incident happened. If you don’t treat your network as an active crime scene and you’ve already blown away the evidence, you could get stuck. You need the breadcrumbs. Those crumbs wash away when you start restoring.

The Baseline for Security Has Shifted

If you don’t have enterprise security tools, then you probably don’t have true cyber forensics capabilities on your systems yet.

Without a Security Information and Event Management (SIEM) tool that collects and logs data, your cyber forensics team won’t be able to go back in time to see what happened and when. You’ll just be making a best guess.

My advice is to get advanced security tools installed now BEFORE something happens. It’s much better to do something now and be proactive than to wait and react after the fact. It’s much less painful for everyone involved.

Marty

Let's talk about how VC3 can help you AIM higher.