Itâs not if but when a business will experience a cyber breach. Which means itâs vital to be prepared before one happens.
 The first step for a small business experiencing a cyber breach is to enact its cyber security incident response plan.
 âIf a cyber breach happens, donât touch anything, call for help,â says Technologiesâ Chief Information Security Officer, Alexander Moskvin.
 âEngage professionals at the first sign the system has been compromised. They will be able to triage the situation and provide advice about the nature of the event,â he adds.
Having a relationship with cyber security experts in advance is vital so you can act immediately when a cyber breach occurs. The right level of service for your business will depend on its nature and budget.
Some businesses need access to 24/7 support. That support includes businesses for whom not being able to access their data for a period will have a significant revenue impact.
For instance, letâs say a restaurant is the subject of a ransomware attack on a Friday and cannot operate over the weekend. Around-the-clock cyber security support may be essential so it can trade during the busy weekend period.
 Other businesses may only require cyber security support during business hours.Â
Â
Cyber security incident response plans for small businessÂ
 The federal government has published a guide detailing the steps to follow when a cyber breach occurs. This is a good place to start designing your incident response plan. While the governmentâs guide may be too comprehensive for most small businesses, it contains many of the essential elements every plan should include.
âA one-page plan will be sufficient for most small businesses,â says Moskvin.
Most plans should include service provider contact numbers to call when a breach occurs.
âIf you have cyber insurance, you need to notify your insurance company,â says Moskvin.
It may be appropriate for your plan to also include a protocol for notifying people in the business and under what circumstances.
For instance, as a business owner, you may require immediate notification if the breach involves your customersâ personal data. But you may not necessarily require notification simply if a virus is detected and it has not yet entered the system.
Itâs also often essential to outline the method of communication for different breaches. In the example above, the plan may state you should be notified by phone if customersâ personal data is involved in the breach.
But if a virus is detected, email or SMS notification may suffice.
âItâs up to the company to work through a range of different scenarios and what constitutes a high-risk and low-risk notification to senior management. A traffic light system where different scenarios are classified red, amber and green can help,â says Moskvin.
Â
Steps to follow after a cyber breachÂ
During a cyber security event, itâs vital to keep to the guidance of your cyber security experts.
âOften what happens is users click on a message or pop-up window that says the companyâs information has been encrypted and clicking a link will reveal instructions to get access to the data. But this may be just a threat and the system wonât yet be infected. Itâs only when the link in the message is clicked that the system will be infected,â advises Moskvin.
If a compromise is confirmed, it may be necessary to notify affected individuals or companies or the Privacy Commissioner.
While cyber insurance may be essential, it should only be considered a last line of defence.
Small businesses must have an incident response plan and know who to contact in the event of a cyber breach to help reduce any damage and get back on their feet as soon as possible.
Â
Â
Important notice â Steadfast Group Limited ABN 98 073 659 677
This general information does not take into account your specific objectives, financial situation or needs. It is also not financial advice, nor complete, so please discuss the full details with your insurance broker or adviser as to whether these types of insurance are appropriate for you. Deductibles, exclusions and limits apply. These insurances are issued by various insurers and can differ.