The Coronavirus is a Cybersecurity Risk. Here’s how to Plan for the Worst.
By Mikaela Berman, Director of Demand Generation
November 2020

No More Excuses—Create an Incident Response Plan

With the exponential growth of cyberattacks, the question is not if a breach will occur, but when. Every organization now needs a plan that addresses the cyber threats lurking in the shadows, waiting for an opening.

With COVID-19 throwing enterprise systems into chaos, organizations have detected 445 million security breaches since the beginning of 2020. But, only 14% of businesses are prepared to defend themselves

Threats—including phishing, spyware, and ransomware—continue to evolve and multiply. The effects of a global pandemic, such as attacks on unsecured networks, reveal vulnerabilities in the nascent cybersystems of a fully-remote enterprise. Because of the elevated risk of a breach, any business must have a rock-solid Incident Response Plan (IRP) that is both current and well-researched. So why isn’t this a higher priority for many organizations?

Often, we hear the following excuses for the lack of planning around cybersecurity.

Excuse #1: “Preparing for a cybersecurity attack is too expensive.”

The longer it takes to embrace a strong security plan, the more expensive it becomes. If the system experiences a breach and there is no protocol in place to manage the crisis, more than likely, it will cost more money to fix the problem than it would have cost to prevent the problem in the first place. The average cost of a cybersecurity breach is over $1 million, and the price is far worse for large organizations like Marriott, which faced a $126 million fee in 2018.

Adopting a strong IRP now saves money, time, and headaches down the line. It’s worth the investment. 

It will cost more money to fix the problem than it would have cost to prevent the problem in the first place.

Excuse #2: “We’ve never had an IRP before, and we’ve been fine.”

A cavalier attitude provides a false sense of security. Just because one person doesn’t suffer a head injury when crashing a bike doesn’t mean another person shouldn’t wear a helmet. Expect to have a crisis. Even if the business has been running safely for decades, accept the reality that today’s world is incredibly different from generations before.

Even if the business has been running safely for decades…today’s world is incredibly different from generations before.

Excuse #3: “I’m pretty sure we have an IRP. We don’t need a new one.”

It’s wise to both know if the company has an actual IRP, as well as the location of the plan. Also, if the IRP isn’t frequently updated or used for training, it’s time to create a new one. This plan will be the most valuable protocol during a data breach, and confidence in the material is crucial. It’s better to be proactive than reactive in a crisis. 

Creating an IRP

So, you’re ready to develop a security plan for your business. How do you know where to begin? What is the silver bullet to stop hackers? And what steps must someone take to ensure an IRP is a smart investment?

STEP 1: Audit your system.

Every enterprise should hire a highly technical security team to audit your system and identify your weaknesses. 

Once a team examines a system, they pinpoint potential risks and create a threat model. From that model, you can scrutinize different scenarios and make an informed decision on which IRP is best for your system, your business, and your budget. Having an IRP is imperative, but if you don’t have experts who know how to fix the problem in the moment, you might as well not have a plan at all.

STEP 2: Determine how much you’re willing to risk.

A company may have a checklist of best practices that are commonly known. But, they can check all the boxes and feel like they’re done, yet remain vulnerable to more sophisticated attacks. The reality is that no amount of money keeps a system 100% bulletproof from a digital attack. So, you have to make decisions based on risk tolerance. 

To what degree are you comfortable with a potential security risk? What is the price you are willing to spend to repair your company’s reputation loss? Do you have a budget set aside for the regulatory fines or legal fees associated with a data breach? These questions determine the tools and measures to take.

To what degree are you comfortable with a potential security risk?

STEP 3: Bring aboard the right expertise. 

Start with a firm IRP foundation and then fill in the details. Once you’ve identified the individuals who will play a major role in the company’s crisis management team, make sure you have IT representatives present who can both determine the type of breach that has infiltrated the system and the necessary skills to shut it down. They must be aware of the latest industry threats and have a plan for each scenario. 

STEP 4: Make security a part of company culture.

Most individuals overlook an entire segment of security, and that piece is awareness. Fostering community among remote teams is complicated. Add a crisis to that mix, and you’ve got an even bigger challenge to overcome. 

Educate employees on the different solutions the company provides to mitigate risks, whether they are working under one roof or remotely. Individuals need to know what security systems are in place to protect themselves and the company. 

Moreover, they need to embrace the importance of cybersecurity and what it means for the wellness of the company and their jobs. The goal is to make security a part of company culture. Employees should see security as a part of their job, not Big Brother watching and waiting for them to make a mistake. Ensure that security practices are approachable, and people have the tools they need to succeed; otherwise, adoption is unlikely. And if it’s not adopted, it’s useless.

Although you can’t predict a cyberattack, you can prepare for one. It requires a change in mindset. Think of cybersecurity as an operational necessity to a strategic asset—revealing new strengths and fundamental weaknesses to resolve. Embrace it as an opportunity rather than an expense. 

Employees should see security as a part of their job, not Big Brother watching and waiting for them to make a mistake.

Are you looking for expert support on your remote transformation efforts or creating and implementing an incident response plan? We’re here to help. Theorem is an innovation and engineering company who builds custom software for companies making bold bets to stay ahead. Reach out to or call 1 (888) 969-2983 to book a free consultation.

Luis Laimer, DevOps Engineer at Theorem

Luis Laimer is an experienced security analyst with a career spanning more than 15 years. He is a former Certified Information Systems Security Professional and active speaker within the security and tech communities. Before joining Theorem, Luis was part of the global information security team at ThoughtWorks and worked as a security consultant in various fields spanning four different countries. He uses a practical and business-focused approach to enhance information security.

Joe McIlvain, Software Architect and Engineer at Theorem

Joe McIlvain is a Solutions Architect and Engineer, focusing on the design and implementation of distributed systems. He helps Theorem’s clients to challenge premises, identify costly problems before they happen, and execute quickly on solving some of their most challenging business issues. He joined Theorem in March 2015. 

By Mikaela Berman, Director of Demand Generation
November 2020

Mikaela is a marketing executive with over 10 years of experience and a demonstrated history of working in technology, consumer products, healthcare, and professional services. She is currently in charge of all things marketing and demand generation at Theorem.


AvatarAvatarChris B.says:

Right here is the perfect web site for anybody who wishes to
find out about this topic. You know a whole lot its almost
tough to argue with you (not that I really would want to…HaHa).

You definitely put a new spin on a topic that has been discussed for
ages. Excellent stuff, just excellent!


Hello! I’ve been following your blog for a while now and finally got the bravery to go ahead and give you a shout out from Kingwood Texas! Just wanted to say keep up the good job!|

AvatarAvatarCathryn B.says:

Hi there I am so excited I found your website, I really found you by mistake, while I was looking on Google for something else. Nonetheless, I am here now and would just like to say kudos for a remarkable post and an all-around thrilling blog (I also love the theme/design). I don’t have time to go through it all at the moment but I have bookmarked it and also included your RSS feeds, so when I have time I will be back to read much more, Please do keep up the superb work.

Add a new comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Your email address will not be published.