In Focus Resource Center > Insights

Failing to Plan Is Planning to Fail

By Kevin Ricci .

It has been said that a data breach is not a matter of “if,” but a matter of “when.” Against the ever-increasing sophistication and efficacy of cyberattacks, staying secure is akin to Sisyphus rolling a boulder uphill for all eternity. Criminals have an uncanny ability to stay one step ahead of the latest defenses, finding backdoors to circumnavigate the latest and greatest security solutions, ready to pounce on one misconfigured setting or unaddressed vulnerability. The following examples are just a fraction of the disastrous fates that lie in the wake of a cyber incident:

  • A construction company was breached by an attacker who, after deleting all data residing on the servers, wiped out the cloud backups as well, leaving the company unable to access any of their information.
  • A healthcare entity was struck by ransomware during their busy season, instantaneously bringing their ability to provide services to a halt until they paid a six-figure ransom to decrypt their data.
  • A manufacturer had their most sensitive client data stolen and then surreptitiously exposed on a public file sharing site, laying bare the entirety of their clients’ sales history, replete with pricing and payment information.

If compromise is in fact inevitable, it is imperative that a business prepares to respond so that recovery can be as expeditious a process as possible. The two key elements of response preparation are developing an incident response plan and having the right resources to quickly help restore operations after an attack. According to the Ponemon/IBM Cost of a Data Breach Report 2020, organizations who have formed incident response teams and test their incident response plans reduced the average total cost of a data breach by $2 million.

The first element, an incident response plan, should include detailed action steps, communication protocols, and other key information needed to help execute the recovery game plan. And while having a plan is crucial, testing the plan on a regular basis is just as important. Members of management from all departments, not just IT, should partake in the testing process so that everyone can efficiently execute their responsibilities in the event a real incident should occur.

The second element, a dependable expert resource to help with the restoration, is essential to have in place. Unless a business has internal forensic and restoration expertise in place to tackle a cyber-attack, they will need an external resource standing by. This resource should possess the relevant certifications to confirm their credentials are legitimate and they should be available at a moment’s notice.

Having the right response team on retainer can be the difference between experiencing a few hours of inconvenience as opposed to several weeks’ worth of downtime. To help companies mitigate the trauma that accompanies a cyberattack, Citrin Cooperman has developed CyberSecure, an incident response team that delivers readiness and rapid response services to help companies prepare and respond to data security incidents or breaches. This elite cyber cavalry brings many benefits, including:

  • Peace of mind that a 24/7/365 incident response team is at your service
  • Front-of-the-line access to our rapid response breach recovery team and network partners
  • Establishment of a proactive zero cost incident response engagement letter with terms and conditions to expedite the data breach response time
  • Opportunities to obtain discounted rates when combined with our other cybersecurity services

To help get the right response resources in place, consider setting up a meeting to discuss how Citrin Cooperman can help protect your business with CyberSecure. To get started, please reach out to Michael Camacho at or Kevin Ricci at, or click here for more information on CyberSecure.

Our specialists are here to help.

Get in touch with a specialist in your industry today.

* Required

* I understand and agree to Citrin Cooperman’s Privacy Notice, which governs how Citrin Cooperman collects, uses, and shares my personal information. This includes my right to unsubscribe from marketing emails and further manage my Privacy Choices at any time. If you are a California Resident, please refer to our California Notice at Collection. If you have questions regarding our use of your personal data/information, please send an e-mail to