8 Steps to Building a Strong Breach Readiness Plan

Reacting to a breach only after it happens sets an organization back in more ways than the direct financial loss: downtime, lost customer trust and regulatory exposure all follow. A proactive approach limits that damage, but it requires planning done before the incident. Here are the 8 steps you need to take to build a proactive breach readiness plan.

  1. Conduct a business impact analysis (BIA)

Before you can create a plan, you need to know which data and processes matter most to your business. For instance, in the event of a breach, could your business continue without its website? Could it function without its financial data? Once you have ranked the applications that are critical to the business and identified every dependency behind each business process (systems, data stores, people and third parties), you are ready for the next step.

  2. Classify your data

As with the BIA, you need to decide which data is the most mission critical to your business. Data that falls under regulatory requirements, customer data, patient data, credit card data, and intellectual property are likely the most critical to keep protected. Only keep data that you absolutely must; every record you do not retain is one that cannot be stolen. Then ensure that the data you do keep is well protected.

  3. Develop a solid communication plan

Now that you have completed the above, it is time to communicate the plan. Ensure all key stakeholders are aware of the plan, and that there are hard copies available in addition to the soft copies, because during an incident corporate email, chat and file shares may be unavailable or should be assumed compromised. Ensure the right people have the appropriate cell phone numbers and personal email addresses so information can be shared out of band. Make sure the relevant stakeholders have a playbook that spells out how to respond to a crisis in terms of contacting law enforcement, outside legal teams, utility companies, key technology and supply chain partners, senior leadership, the broader employee base, and external PR teams if necessary.

  4. Continual testing

Now that you have a plan in place, it is time to test it. A crisis is not the time to find out that the plan doesn't work. Traditional tabletop exercises, where the key stakeholders come together to play out various breach scenarios, are a great way to test the plan. From these tests, you can assess which parts of the plan work well and which need to be improved. Testing should also be held fairly often so that the response becomes routine rather than improvised.

  5. Create immutable data backups

Perhaps the biggest breach threat out there is ransomware. To avoid having to pay a ransom to restore files, keep immutable backups of all the important data classified above. Two backups may not be enough: an attacker who has compromised your network can usually reach any backup that is online and writable. Keeping a third copy offsite and offline (the familiar 3-2-1 rule) ensures that it can't be altered or encrypted from inside the network. This gives you a clean copy to restore from without paying a ransom, provided you also verify the backups regularly and rehearse the restore, since a backup that has never been restored is only a hope.
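One practical check behind this step is verifying that a backup still matches what was snapshotted, so that a quietly encrypted or deleted copy is noticed before you need it. The script below is an added example, not Uzado's code or part of the original article: it records a SHA-256 manifest when a snapshot is taken and later compares either the live tree or the snapshot against that manifest. All file names and contents are constructed for the demonstration, and the read-only chmod is only a convenience; real immutability comes from WORM or object-lock storage, or offline media, which a script cannot provide.

```python
"""Snapshot a directory with a SHA-256 manifest, then detect tampering against it."""
import hashlib
import json
import os
import shutil
import tempfile
from pathlib import Path

MANIFEST = "manifest.json"


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map every regular file under root (POSIX-style relative path) to its digest."""
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.name != MANIFEST
    }


def write_snapshot(src: Path, dest: Path) -> dict:
    """Copy src to dest, record a manifest inside dest and mark files read-only.

    The chmod is NOT immutability (root or a privileged process can undo it);
    it is only there to stop casual overwrites. Assumption for the example.
    """
    shutil.copytree(src, dest)
    manifest = build_manifest(dest)
    (dest / MANIFEST).write_text(json.dumps(manifest, indent=2, sort_keys=True))
    for p in dest.rglob("*"):
        if p.is_file():
            p.chmod(0o444)
    return manifest


def load_manifest(snapshot: Path) -> dict:
    return json.loads((snapshot / MANIFEST).read_text())


def verify_against(manifest: dict, root: Path) -> dict:
    """Compare a tree with a manifest.

    Returns {relpath: status} for every difference: 'modified' (digest changed),
    'missing' (in manifest, not on disk) or 'unexpected' (on disk, not in manifest).
    An empty dict means the tree matches the manifest exactly.
    """
    current = build_manifest(root)
    findings = {}
    for rel, digest in manifest.items():
        if rel not in current:
            findings[rel] = "missing"
        elif current[rel] != digest:
            findings[rel] = "modified"
    for rel in current:
        if rel not in manifest:
            findings[rel] = "unexpected"
    return findings


def demo() -> dict:
    """Constructed scenario: snapshot three files, then simulate ransomware on the
    live copy and check both trees against the recorded manifest."""
    with tempfile.TemporaryDirectory() as tmp:
        live = Path(tmp) / "live"
        snap = Path(tmp) / "snapshot"
        (live / "finance").mkdir(parents=True)
        (live / "finance" / "ledger.csv").write_text("date,amount\n2024-01-01,100\n")
        (live / "customers.db").write_bytes(b"\x00customer-records\x00")
        (live / "README.txt").write_text("ops notes\n")

        manifest = write_snapshot(live, snap)

        # Simulated ransomware on the live tree (constructed): one file overwritten
        # with random bytes, one deleted, and a ransom note dropped.
        (live / "finance" / "ledger.csv").write_bytes(os.urandom(32))
        (live / "customers.db").unlink()
        (live / "RESTORE_FILES.txt").write_text("pay us\n")

        return {
            "live": verify_against(manifest, live),
            "snapshot": verify_against(load_manifest(snap), snap),
        }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Running it reports the live tree as modified, missing and unexpected entries while the snapshot verifies clean. In production the manifest itself must live with the offline or object-locked copy (or be signed), since a manifest an attacker can rewrite proves nothing.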

  6. Perform continuous updates

Just as you continually test the plan, you should also be continually updating your business's breach readiness plan. Personnel and technology changes will necessitate ongoing updates: a new hire or departure changes the contact list, and a move to the cloud changes how data is stored, who can reach it and how it needs to be protected. To be effective, a breach readiness plan needs to be dynamic enough to keep pace with the changes the business faces.

  7. Do long-term planning

Even though things can change, planning for the long term is also important when building out a breach readiness plan. Who would have predicted the COVID-19 pandemic? Not everyone had a plan for what to do when offices shut down, and many businesses had to improvise a move online. You can't predict the future, but being prepared to be nimble is an important part of the plan.

  8. Consider Breach Readiness as a Service (BRaaS)

Implementing a breach readiness plan can be time consuming, as it requires a lot of planning and creative thinking. You can certainly put your own plan in place, but consider hiring an expert to help save you time. Uzado's Breach Readiness as a Service (BRaaS) is something CISOs at small to mid-sized organizations should consider if they want to cost-effectively improve IT resilience, meet compliance or regulatory requirements, and address any cyber security deficiencies. Uzado will help you conduct a BIA, classify data, create a communication plan, create a backup and recovery strategy, test and update your plan, and strategize for the long term.