Please check out PIA’s new program to offer opportunities to prepare for Cyber Security WINNING@CYBERSECURITY DEFENSE
TRACY OESTREICH, CIC, CPIA, AU, CPIW PIA National Director
Cybersecurity poses an existential threat to 2. Delivery of the assessment report, usually every PIA member (and clients too) and should within 5-7 days, which covers agency cyber not be considered a discretionary investment. vulnerabilities directly and through your Cybercrime is a truly unique peril – in that vendors, including agency management it literally affects every agency and business systems. The report also includes a review client, regardless of demographics, weather of an agency’s current IT service provider conditions or local construction codes. Unlike (if they use one) because too many agencies hail, windstorm and fire, however, cybercrime assume their cybersecurity needs are already is the least understood both in its far-reaching met when, in fact, many fall far short given financial and reputational costs but also in how the escalating risk. The reports run 10-14 to MITIGATE it effectively. PIA members pages and includes detailed action steps in have already been hacked, as have vendors easy-to-understand, non-technical terms. serving members. Regulators and insurance 3. Post-report consultation (30-45 minutes) companies are also requiring, through to discuss findings and lay out action steps, regulations and new agency agreements, to including ones that could be performed by sharpen up their cybersecurity defenses. Is your current IT service provider. The report your agency prepared? should be shared with them. Discounts on additional cybersecurity services for PIA PIA has a new program that can help you members offered as well. prepare. It is practical and action-oriented. 4. Follow-ups at 30, 60 and 90 days to discuss The program is Winning@Cybersecurity actions taken or planned. Defense, and it has four parts. Part 1 covers A one-time cost for the assessment is $549.00. Cyber Risk from A to Z. In this section, you Rising cybercrime and unfettered data sharing can grow your knowledge of cyber risks and continue to threaten agencies and clients issues they can cause. Part 2 discusses Cyber Risk Insurance Protection. This section shares alike. Agencies and the vendors they use can no longer take data security for granted. information about the various aspects of insurance. Part 3 is the Cyber Risk Assessment. Protecting agency data must be one of our primary focuses with regulatory, insurer This step is one of the most important steps and consumer demands to mitigate rising you can take to assess your agency’s risk. Part cybercrime. 4 covers Cyber Resources for Your Agency. This last section shares a variety of tools and Check out all this and more for Inquiries and vendors. I would like to share more on the assessment orders: https://www.pianational. specifics of Part 3 – Cyber Risk Assessment. org/pia-partnership/winning@cybersecuritydefense-program. PIA members will receive a The Cyber Risk Assessment, developed quick response. specifically for agencies, includes: 1. Initial discussion to determine agency familiarity with cybersecurity, mitigation actions taken, cyber coverage discussions with clients (do they initiate conversations or only respond when asked), and the degree of reliance on third-party vendors. This takes less than 30 minutes.
MAY/JUNE 2022 [ 28 ]
Every agency is at risk. Every business is at risk, no matter how small. The first step is to get smarter about the risks and the insurance programs that can cover the risks. WINNING@CYBERSECUIRTY DEFENSE will help make your agency stronger and help make your customers stronger.
