An increase in a virtual workforce and a stressful health and safety environment means a high likelihood of an increase in cybercrime. Now is the time to not only test your IT infrastructure for managing the strain of an increase in virtual workers but also to test your reflexes on what to do in the midst of a cybersecurity incident.
Tip 1: Have a True Incident Response Plan and Follow It
When was the last time you dusted off your organization’s incident response plan and actually read it? No matter how sophisticated your organization may be, or how many times you’ve conducted a tabletop exercise in the last few years, it is important to review the plan and refresh it based on what is going on in the world and the incidents that your organization may face today. Often, in the heat of an incident, a plan gets set aside. That tendency is only going to be heightened given the stress of a global pandemic. Make certain you’ve reviewed your incident response plan with your organization’s key stakeholders and that you are all committed to following the plan. If you don’t have an incident response plan, reach out to counsel for assistance in drafting one.
Tip 2: Alert Your Lawyer Immediately in the Event of a Breach
Now is not the time to hesitate about alerting counsel. Call your lawyer immediately or within hours (not days!) when a cybersecurity incident happens. Cybersecurity counsel can walk you through the crucial and necessary steps that must be taken at the outset to manage the crisis. In addition, working at the direction of counsel helps to insulate your response with the attorney-client privilege.
Tip 3: Prepare to Preserve Evidence
Now is the time to toggle on monitoring of network logs. Often, businesses have not taken steps to preserve logging or audit trails that would show access into their systems. This evidence can be critical when managing an incident.
Tip 4: Even Working Remotely, Require Verbal Authorization for Wire Transfers or Sensitive Document Requests Sent by Email
Work now to develop a system that does not rely on email communications to authorize payments or the sending of protected information. There will be an uptick in cybercriminals attempting to intervene and obtain wired funds, so now is the time to develop a plan to prevent these crimes from occurring.
Woods Rogers Cybersecurity and Data Privacy team is ready to help.