To minimize potential risk, insurers will demand that companies develop and document incident response plans. These plans are designed to spell out the exact steps a company must follow in the aftermath of an attack or data breach. These steps help ensure that the incident is handled in a manner that helps limit the damage caused and reduces recovery time and costs.
According to the SANS Institute, there are six key parts to an incident response plan: preparation, identification, containment, eradication, recovery, and lessons learned. Companies will be required to not only come up with plans for each of these areas, they will also be required to identify the specific team that will be responsible for managing and executing the plan.