The 3 R’s to remedy a cyber breach

When hackers penetrate your public and private networks, it can lead to devastating consequences. A data breach can not only destroy a company's electronic data, it can also bankrupt a business.

The average data breach costs $4 million, according to a 2016 study from IBM. The study also reports that the average cost incurred for each lost or stolen record containing sensitive and confidential information increased from $154 to $158 over the past year.

Related: Does traditional coverage apply when cyber attacks cause physical damage?

When it comes to the volume of attacks, the numbers are simply staggering. It is estimated over 900 million records of personally identifiable information (PII) have been stolen in the U.S. over the past few years, according to

Any company in any sector can be hacked. So what should business do if they are the latest victim of a breach? Having a proactive cybersecurity strategy is a company's best defense. Following these three essential R’s is a defense strategy that should be stored in every company’s first aid kit:

1. Recognize

Identifying the source of the incident is paramount to minimizing the resulting damage. Internal controls play a significant role in identifying a hacker’s point of entry.

2. React

A company’s incident response plan to unauthorized access should be able to cut off the access point, slow down the intruder, preserve the environment that has been compromised and speed up recovery. This can be accomplished through proactive monitoring, user training and a layered security approach.


3. Recover

The regulatory environment surrounding the compromised data may require the implementation of long-term corrections. Both HIPAA and the PCI DSS will ask for monitoring and due diligence related to the security of their respective records. First priority goes to fixing the problems that led to the breach.