Small and midsized businesses usually think about an incidence response plan only after an incident has occurred.  But experts recommend creating a simulated of cyber attack to help management identify the risks and to narrow down the insurance coverage needed.

Article Excerpt:

Small and midsize businesses (SMBs) rarely call up security consultants asking for help in improving their incident-response program. But when they do call, they are usually panicked and in the midst of a real security incident.

While incident-response preparation has become increasingly important, most firms — especially SMBs — will push off the creation of an incident-response plan until the future. Playing through an incident-response simulation — a game — can help, security experts say. Creating a plausible scenario for a security threat to the business is much easier than trying to create a policy from whole cloth and helps to educate management on the impact of potential security threats.

Read Entire Article