Create a cyberattack response plan for your small business

August 22, 2023 | SECURA Insurance

As a small business owner, protecting yourself against the threat of cyberattacks is important. The financial, reputational, and emotional cost of a data breach can be devastating – and can threaten your company’s existence. Putting proactive measures in place, including employee training, investing in encryption software, and creating two-step authentication processes, can help reduce the likelihood of a successful attack. It’s equally important for you and your employees to have a Cyber Incident Response Plan ready in case your business falls victim to a data breach.

Follow these steps to start your plan:

  1. Build a Cyberattack Response Team with representatives from all departments that will need to act in response to the attack, e.g., upper management, IT, sales/marketing, communications, HR, and legal.
  2. Identify critical company assets most likely to be targeted and vulnerable. This could include employees if their cyber risk knowledge is low.
  3. Research, identify, and contract with external expertise and data backup services if you do not have in-house resources and expertise to manage a cyber breach.
  4. Create a detailed response checklist to capture the source of the attack, outline how to contain the breach and backup and restore data, and list lessons learned.
  5. Develop a communication plan including key audiences, communication vehicles, and timing in the event of a breach. It’s critical that employees, customers, and those whose personal information has been compromised be notified as soon as possible.
  6. Practice executing your response plan by testing hypothetical scenarios.

If your company’s data is breached, here are the key processes to remember.

  • Investigate the source of the breach and identify the computer or network where the attack originated.
  • Attempt to isolate the infected device(s) to minimize damage.
  • Evaluate the scope of what data was impacted by the breach.
  • Seek legal advice on complying with rules and regulations about reporting a data breach and the legal implications for your business.
  • Inform your insurer about the breach, if applicable. Cyber liability insurance coverage may cover the total cost of the incident, or the damages suffered by affected parties.
  • Notify all affected parties. If unknown, communicate with anyone potentially impacted by the breach.
  • Consider issuing a public statement if the impact of the breach is significant.
  • Clean your systems starting with quarantined devices and networks.
  • Restore lost data by identifying the most recent backup that was not affected and can be used to restore lost data.


© 2023 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This document is intended for information purposes only and does not modify or invalidate any of the provisions, exclusions, terms, or conditions of the policy and endorsements. For specific terms and conditions, please refer to the coverage form.