Cybersecurity Risk Management Plans and Workplace Safety Part 2
Posted in: Commercial Insurance
As mentioned in the first installment of this blog series, cyber risk management has become a mission-critical activity for a long-term viability of any organization, which should be driven by leadership and involve all technology users. But often, building and implementing a cybersecurity risk management plan is quite challenging for non-technical executives. To help, in our last post, we identified five common, proven workplace safety culture strategies with which most organizations are likely familiar and can use to improve their cybersecurity risk management plan. Here are four more proven best practices.
1. Workplace Safety Culture Strategy: Near-miss Investigations
The best-in-class risk and safety management efforts include an analysis of all near-miss incidents. If an employee was almost hit by a falling object, that incident should be investigated as thoroughly as if the employee was actually injured. This allows the root-cause to be uncovered and allows corrective actions to be taken. Then, you should share the lesson learned company-wide to avoid a repeat incident BEFORE it results in a large loss.
Cybersecurity Risk Management Plan: Ongoing Preventive Cybersecurity Awareness Efforts
With the increasing number of cyber security threats, most businesses have already experienced some type of event that could have resulted in a cybersecurity failure. In some cases, a cyber-savvy employee was the hero; in other cases, perhaps it was pure luck that a major cyber failure was avoided. Sharing the lessons learned from these near-miss incidences with your employees helps them develop a heightened awareness and an understanding of how to protect your organization from potential cyber incidences during their daily activities.
2. Workplace Safety Culture Strategy: Post-Incident Investigation
When an injury or accident does occur, a root-cause incident investigation should typically be conducted, which analyses the chain of events. It often uncovers several issues that cumulatively caused the accident. With this information in hand, you can prevent future incidents from reoccurring by implementing corrective actions to all contributing factors.
Cybersecurity Risk Management Plan: Incident Response Planning – Lessons Learned
Every organization should have a documented Incident Response Plan (IRP) that provides guidance during a privacy event or cyber incident. I highly recommend developing your IRP in close coordination with legal counsel experienced in cyber security, data and privacy laws and regulations. A good plan typically includes a section dedicated to Lessons Learned, as well as other critical elements, including incident response team roles and responsibilities, detection, incident assessment, communications strategy, and recovery.
The Lessons Learned section helps the organization look back at an incident and determine what happened, how it happened, how your organization was impacted and what you could do to prevent a similar incident. It is important to share with leadership the information gathered post-incident and the resulting corrective actions. Make sure you also discuss these cases during your regular employee cybersecurity awareness trainings. Case studies of actual incidents can even be included in the organization’s IRP as playbooks to help the organization quickly respond to similar events in the future.