Boards must pro-actively support the development of a cyber-breach response plan

The preparation of a cyber-breach response plan is a key component of the risk mitigation plan. It should include constituting a multi-disciplinary response team, gathering all documents related to incident response, reviewing legislation and finally building the plan that includes post breach communication.

The cyber-breach response plan must be carefully planned, action-oriented and it should clearly define the roles and responsibilities in executing the plan. To be efficient it has to be regularly re-visited, with changing company strategies and assets to protect.