• Incident response costs and 24/7 emergency hotline – the people you call when a cyber incident has occurred;
• Notifying third parties about the data breach, including mandatory notification (i.e. mandatory for companies with a turnover of $3M+) and voluntary notification to clients, service providers or otherwise;
• Performing computer forensics to determine the existence, cause, and scope of a network compromise or data breach;
• Public relations costs associated with mitigating any reputational harm; and
• Providing credit or identity monitoring and identity protection for those individuals whose personal data was or may have been breached as a result of a network compromise or data breach.

• Loss, theft or failure to reasonably protect personal data or confidential business information;
• Violation of privacy laws or data breach reporting requirements;
• Failure to implement adequate privacy or network security practices;

• Negligence resulting in a failure to prevent a network compromise that results in:

1. Damage or loss of use to a third-parties computer system or data; and
2. Transmission of malware or a denial of service attack to a third party;

• Failure to comply with your privacy policy and/or privacy notice.

• Libel, slander or any other defamation or harm to a third party;
• Copyright infringement, intellectual property rights infringement, plagiarism or misappropriation of property rights;

• Misstatement or misrepresentation under the terms of the Competition and Consumer Act;
• Infliction of emotional distress or mental anguish; among others

There will be certain steps the IT team (yours or the one nominated by the emergency response team) will take to restore your system’s security and resolve the breach; this can include:

• Removing access to internal systems or changing passwords if a user’s account details have been compromised;
• Taking parts of or your entire system offline;
• Implementing temporary firewalls;
• Blocking traffic to your website; or
• Transferring important files to a secure location.

This can be a complicated process, which is why it’s important to have access to the specialists who can handle the situation appropriately and mitigate the problem before it potentially gets too severe.

• A plan to restore systems to normal operation
• A process of continual monitoring to confirm that the affected systems are functioning normally
• A plan (if applicable) to remediate vulnerabilities to prevent similar incidents.

This is something your IT team should be able to assist with.

• Communicating with Clients & Service Providers:

This depends on the impact of the cyber incident – sometimes the event doesn’t warrant communication with these parties, in which case it is usually best practice to skip this step. Alternatively, communicating with these parties can be mandatory in certain scenarios and/or vital to your business. It is important to identify which of these options apply to your business, which is where your emergency response/crisis management team can assist.

If you are going to communicate with these parties, we recommend you wait until you have enough information to pass on a complete message to help avoid miscommunications and misunderstandings.

• What happened and why did it happen?
• What systems/services are affected?
• What steps are being taken to resolve the situation?
• Is it possible to say when the situation will be resolved?
• What are external stakeholders expected to do?
• Who can external stakeholders contact if they have questions/concerns?

Depending on the size of the cyber event and your business, it may be worth appointing a public relations firm to assist with the communication step.

• Communicating with Regulators:

Certain rules & regulations around mandatory notification of privacy breaches may apply to your company. We recommend you know when to notify before any breach occurs, as you could face fines & penalties if you don’t notify within a specified time period.

• Don’t rely on digital make printed copies of your response plan, including important contacts (emergency response, IT provider, insurance broker);

• Prepare your employees on what to do if a cyber incident occurs knowing what to do and acting quickly is integral to preventing or reducing a loss;

• Give team members specific roles and responsibilities to respond to a cyber incident;

• Educate employees on how to identify a cyber event.

Phishing & Social Engineering
Fraudulent communication aimed to trick you into sharing private information or downloading viruses.

Malware
You may know it as a “virus” – various forms of harmful software that hackers use to wreak havoc on your computer or network