also work to educate their employees about lurking cybersecurity threats, such as phishing and spoofing, so that employees can more readily identify these threats in real time.
3. DEVELOP A PRACTICAL INCIDENT RESPONSE PLAN AND TEST IT. The first 24 hours of any possible data breach incident are critical. A business can make many mistakes during this short period of time that A can set the tone for its ongoing response efforts. An effective and tested incident BUSINESS response plan that outlines precisely SHOULD TEST how to respond when a breach hits can ITS INCIDENT minimize mistakes. RESPONSE PLAN In crafting an incident response plan, distillers should first identify REGULARLY the key individuals to include in the THROUGH incident response team. Depending A BREACH on the size of the business, the incident response team may consist of SIMULATION a few people, but ideally would include EXERCISES. the individuals (some may wear multiple “hats”) who handle issues related to legal, IT, finance, human resources, and public relations. These individuals should understand the day-to-day
operations of the business functions or unit they represent. The incident response plan should identify the names and contact information for the individuals included on the team. It should also outline each individual’s responsibilities in responding to the breach — from the moment of discovery through notification and beyond. The incident response plan should guide the business through the initial steps to take from the minute an actual or potential incident is identified. It should provide a road map for the incident response team to follow when handling a live situation, including when and how to engage outside counsel and other vendors and whether to contact law enforcement or regulatory bodies. A communication plan should outline the parameters of when the incident response team should inform key shareholders of a breach. A business should test its incident response plan regularly through a breach simulation exercise, commonly referred to as a tabletop exercise. A tabletop exercise will help determine whether the incident response plan will function properly in the event of a crisis. Lessons learned from annual testing should be considered and used to update the incident response plan.
4. HAVE SUFFICIENT BACKUPS. With the rampant use of ransomware among hackers, businesses must have a well-thought-out business continuity plan and an
The magazine for craft distillers and their fans.