Four Questions to Ask After a Cyber Attack

Four Questions to Ask After a Cyber Attack

August 12, 2019 Business Insurance and Risk Management, The Beacon Blog 0 Comments
  1. In order to respond to a cyber attack, an organization needs to ask the right questions. As posted by Cyber Security Intelligence (, Andy Pearch of CORVID lists four questions all organizations must be able to answer in detail to prevent another similar attack.
  2. How and where did the breach take place? Security professionals need to know exactly what went wrong.
  3. What information was accessed? Specific files must be identified to determine the impact on the organization, including whether the breach needs to be reported.
  4. How can systems be recovered quickly? Prompt identification and remediation eliminates or at least reduces downtime and reputational damage.
  5. How do you prevent a recurrence? Every breach should be a learning experience about how to spot unusual activity. A “managed detection and response” approach investigates suspicious activity and manages breaches once detected.

Today hackers use the same tools and tactics as bona fide users. Total protection is not possible. Rapid detection and remediation is the only proper response to cyber threats.

About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.