2021十大正规彩票app经纪公司是网络犯罪的潜在目标. Knowing what to do before and after a cyberattack can help minimize your costs.
John Mondics is President of Mondics Insurance Group, a 德州2021十大正规彩票app经纪人® risk management partner. Here are seven steps he recommends for addressing these threats.
以前:在你需要帮助之前就寻求帮助
在你的生意出问题之前, reach out to an attorney who specializes in cybercrime who could help you respond to an attack, Mondics说.
“A family lawyer or real estate lawyer may not be the best person to contact,” he clarifies. “You need someone who specializes in this field and knows what to do about notifying customers.”
提前建立这种关系. An hour of an attorney’s time will be a small price to pay in retrospect, 他说.
以前:建立一个强大的防御
Make sure your computer systems are secure and have strong defenses in place. 培训每个访问系统的人安全使用它们. Dual authentication is now a standard procedure, Mondics说.
A cybersecurity firm can advise you about the best measures to put in place. Just like with the attorney, Mondics recommends connecting with a firm before something happens. That way, in your hour of need, experts will know your systems and be able to respond quickly.
以前:考虑网络保险
网络保险通常是一项单独的政策. 一些航空公司为现有保单提供网络背书.
“Cyber coverage is like selecting a limit of liability insurance,” Mondics说. “You don’t know what limit you may need until after an occurrence. 我会得到多个引号. 你可能不需要最广泛的覆盖. 它确实有助于重建和支付费用. For most small businesses, they can afford a little higher premium to prevent that big cost.”
您的业务可能不需要全面的覆盖. Mondics recommends reviewing your systems and budget and considering what potential losses could look like.
有些公司完全不买网络保险. He says their logic is based on the assumptions of insurance costing $2,000 to $3,000 a year and the business making it 10 to 15 years without an incident. They may refer to it as self-insurance, but it’s really being uninsured, he adds.
Mondics remembers one small business that was hacked and didn’t have any cyber coverage. 费用总计达数万美元, 但很容易就会更多, 特别是如果企业已经遭受了多重损失.
自我保险对你的企业来说可能是一个有效的选择, but it is a bad decision if you choose it out of ignorance of your needs and options, 他说.
之后:关上大门
Many businesses give remote access to their agents, vendors, suppliers, or other trusted partners. If you believe your firm has been attacked, immediately disconnect remote access, he recommends. 他解释说:“你的服务器或网络可能会受到威胁. “关闭它以防止任何进一步的问题.” Then your experts can try to figure out what happened and how the criminals got into your systems.
事后:不要试图自己解决问题
也许你或你的代理人认为自己精通技术. In the case of cybercrimes, do not attempt to fix problems yourself, Mondics cautions. Hire a qualified cybersecurity company to ensure that any problems are fixed, 解决任何漏洞, 更好的系统也在不断完善.
事后:打电话给当局
Next, notify local, state, and federal authorities, including the FBI. “The authorities will then tell you what to do,” Mondics说. 如果数据泄露影响到250名或更多德州人, you are required to report the event to the Office of the Texas Attorney General within 30 days of the discovery of the breach.
Reach out to the cyber attorney you connected with beforehand. 也要打电话给你的保险公司,让他们知道你的情况.
之后:联系受影响的各方
Your attorney will advise you on how and when to notify those who were affected or potentially exposed by the cybercrime, Mondics说.
When you contact stakeholders, be clear about what happened and what steps you are taking. There is nothing to be ashamed of when admitting your firm has been hacked, Mondics说.
Your liabilities should be limited if you’ve prepared in advance and taken the correct steps to protect yourself and notify stakeholders.