- Prepare an Incident Response Plan and practice it regularly
- Provide cyber security awareness training to all staff, ensuring a strong first line of defence
- Implement, at a minimum, the following cyber security controls: Multi-Factor Authentication, off-site back-ups, and ensure to be able to recover business-critical data and systems in under 10 days
- Think about the businesses’ specific risks and ensure the selected cyber product addresses those risks
- Partner with an experienced insurer with proven cyber experience
- Integrate cyber insurance and risk management to minimize the impact of a cyber incident
- Follow your Incident Response Plan
- Notify the insurance agent, broker or insurer of a potential claim. Remember time is of the essence
- If provided by the cover, then access specialist incident response services, such as IT forensics services, extorsion services and PR & crisis communication services