5 recommendations for acing the SEC cybersecurity rules

4. Test your incident response plans thoroughly

Organizations must have designated people and formal processes in place to determine the “material impact” of an incident and to communicate with relevant authorities by the stipulated deadlines.

Testing and preparedness of incident response plans will be crucial. When groups drawn from a diverse set of functions (legal, IT, finance, third parties, etc.) are brought together but are not accustomed to working with one another, the result can be unwarranted confusion during mitigation efforts.

5. Return to fundamentals

In cybersecurity, it’s always wise to sort out the basics. Understand what constitutes a material breach. If you’re a public company, there should already be legal and business teams that are fully versed in the concept of materiality and have experience applying it in other contexts. Learn from them. Evaluate any existing oversight structures at the board and management level and determine whether any improvements are needed, for example providing ample space for security discussion on the board agenda or appointing a dedicated cybersecurity committee.
