Three Pillars of a Good Cybersecurity Plan; The best way to prepare for a cyber-attack is to know exactly what you would do if one occurred.

By Dennis Ast, CPUC, CCIC, OneGroup

Cyber-attacks and their corresponding insurance claims are on the rise. We all spent more time in the virtual space last year than we ever had before, making it imperative that we really think about the increased risk that virtual work, school and living presents.

As our lives rapidly shifted into the digital space last March, hackers got to work. Cloud breaches, “Zoom bombing” and misleading links promising coronavirus cures and statistics costs companies billions in claims and ransom payments. Virtual schooling and telecommuting forced cybersecurity professionals to work in high gear.

You should be thinking about your cybersecurity plan more than ever, and if you are, make sure you are including cybersecurity measures, contingency planning, and risk transfer with a solid cyber insurance policy.  The worst time to try and establish a cybersecurity plan, or to put an insurance policy in place is after the breach has occurred.

Cybersecurity measures

Make sure you have done all you can to prevent cyber incidents. 


Keep your software up to date, use and be familiar with multi-factor authentication and strong password protocols, and train your team regularly on how to spot phishing or malware attacks. Install reputable NextGen anti-virus software and establish protocols for remote employees. Keep your data backed up and test these backups often.

Be sure to consider all possible goals of a cyber attacker, too. Some want money, others want trade secrets or patents, and still others could want something entirely different. Be sure your risk management plan addresses any possible motive.

Contingency planning

If 2020 taught us anything, it is that we need strong contingency plans for every circumstance. Talk with your team about what you would do if you could no longer access your network or files. Know how you would reach your team, your clients and how you would access your backed up data if necessary.

Risk transfer with a solid cyber insurance policy

Cyber-attacks can be incredibly costly. After you are through paying for legal services, tech services, fines & penalties, ransom, etc., you could be looking at a bill in the millions. Cyber insurance can cover your business’ cyber liability, the costs of restoring or repairing your systems or data and more. Insurance carriers often impose certain exclusions and sublimits, though, so be sure to work with a trustworthy broker who can explain your policies to you in a complete and understandable way.

In the end, the most important phase of your cyber response plan is knowing what you will do immediately after you discover it. Know who you will call first and know what you will need to ask them. You do not have to face these incidents alone, and in fact, you should not face these incidents alone. Have the phone numbers of people like the police, your lawyer, your insurance broker and policy number and cyber claim reporting handy. Make sure you have got a team that will have your back if the worst were to happen to you.

For more information on Cybersecurity you may reach out to Dennis Ast, Senior Account Executive Cyber Risk Specialist at OneGroup.  He can be reached at or 716-572-2410.



Tim DeLany joins Five Star Equipment as its Used Equipment Manager