Have You and Your Team Prepared for a Cyber Event? Do you have an Incident Support Coordinator? Do you have a playbook?
Letās be honest: cyber threats arenāt just possible anymoreātheyāre expected. Whether itās a ransomware attack, a phishing scheme, or a full-blown data breach, dental organizations of every size and specialty are at risk. The real question is: is your team prepared for when it happens?
You Need a PlanāNow
Hope is not a strategy. When a cyber event strikes, panic is the enemy. Thatās why every dental organization needs a tested, actionable cyber incident response plan. If you’re reading this and don’t have one in place, it’s time to start building it now.
Whoās Your Point of Contact?
If something happens, who is your point of contact for IT support? Which employee on your team is making the call as the incident support coordinator?
More importantly, does everyone in the company know who it is that they need to call or report to?
You need to identify a cybersecurity incident support coordinatorāsomeone responsible for managing the response. This person must be clearly communicated across the team. Make it known, and make it clear.
How and When Will You Notify Them?
A point of contact is useless if no one knows when to reach out to them. Train your team to see problematic scams and that itās important to reach out as soon as they see something wrong or suspicious.
Define the notification process. What triggers an alert? Who escalates the issue? Whatās the communication chain? All of this should be documented, and every employee should be trained on it.
Do You Have a Playbook?
A cyber incident playbook is not optional. You need predefined steps that your team can execute immediately when something goes wrong.
Here are a few critical actions you may want to include in your plan:
- Notify the incident support coordinator
- Engage your IT/security response team per the escalation plan
- Notify leadership and legal/compliance as needed
- Disconnect compromised systems from network/firewall access immediately
- Preserve evidence without tampering
- Communication plans āinternally and externally
Need more suggestions? Check out this article for more information.
Have You Tested the Plan?
A plan is only as good as its last test. Whenās the last time you ran a tabletop exercise or full incident simulation?
Testing reveals the gaps you donāt know exist until itās too late. You donāt want your first test to be a real breach. By running a test early, your team can fill the gaps and fix costly mistakes before itās too late. It will also prepare them for what to look for on a day to day basis.
Your IT service provider should have a way to run the practice test, and if they donāt, you may want to find one that does.Ā If you’re looking to get that tested now, reach out to our team for a visioning meeting today to see how InTech Together can help your team.
Cyber events arenāt āif,ā theyāre āwhen.ā Will your team be ready?
