ARTICLE
Cybersecurity Tips for Executives and Boards of Directors
Every Organization Should be on High Alert
Reinforce
Reinforce Basic Cyber Hygiene. Conduct regular vulnerability scans; conduct penetration testing – consider engaging ethical hackers/bug-hunters; perform necessary patching; ensure endpoint security tools are in place and ready; implement or reconfirm Multifactor Authentication (MFA) is in place; check your back-ups and test your restoration process.
Assess
Assess Supply Chain Risk. Collateral damage from cyber-attacks targeting Ukrainian government websites may disrupt shipping lines and logistics firms; monitor and evaluate connectivity from foreign geographies, especially Ukraine and Russia – consider implementing temporary IP geo-blocking.
Review
Review Incident Response and Business Continuity Plans. Conduct drills; make sure all crisis response team members are aware of their role and designate alternates in case primary team members are unavailable; reconnect with or retain legal/breach counsel and cyber security firms for incident response services.
Evaluate
Evaluate Risk Transfer Mechanisms. Review cyber insurance policy and any other potentially applicable insurance products; review contracts with vendors, business partners and other third parties; ensure you and all key members of the organization have hard copy versions of your cyber insurance policy.
Connect and Communicate
Participate in information sharing groups within your industry sector; connect with regional Cybersecurity and Infrastructure Security Agency (CISA) representatives and the local Federal Bureau of Investigation (FBI) field office.
Train and Practice
Conduct holistic tabletop exercises with all key organization members; increase the frequency and complexity of phishing exercises and employee training.
If your firm is confronted with cyber risk issues, please don’t hesitate to contact us for a solution.
AUTHOR
Kristen Walker, CRIS, LEED
Kristen is a client executive and broker with Greyling, a division of EPIC. She is experienced in the unique coverage needs of both contractors and design firms. She works with mid-sized to large clients, many with global exposure and complex insurance programs.
Kristen founded the Greyling | EPIC sponsored Women in A/E/C Networking Events that provides a forum for relevant industry topics to be discussed by leading and up-and-coming women in a relaxed environment.
Kristen joined Greyling in 2012. Prior to that, she was a Senior Underwriter at Zurich focusing on both project and practice professional liability policies for owners, contractors, and designers. Kristen holds Construction Risk and Insurance Specialist (CRIS) and Leadership in Energy and Environmental (LEED) Green Associate designations.