Cyberattacks are becoming more common, with sizable losses for victim organizations. The FBI fielded over 880K cybercrime reports in 2023, but an estimated 80% of all such crimes go unreported. Even so, the relatively small fraction of cybercrimes that Americans reported in 2023 represent over $12.5 billion in potential losses—22% more than in 2022.Disclosure 1

Besides financial damage, your association could suffer operational disruption and loss of data if hackers break through your defenses, exposing homeowners and staff to long-term risk of fraud and identity theft. In this escalated threat environment, planning for how to handle a cyberattack is an important component of your association’s overall risk management strategy.

Beyond financial losses, the impact of a cyberattack can include operational disruptions, legal repercussions, and reputational damage.

Plan for an attack.

Prevention is important, but when one careless click can unleash an attack, it’s impossible to stop all attacks. Detailed planning for a potential event helps you prepare and respond more quickly and effectively if your association does experience a cyberattack. It’s worth the time and effort to think through appropriate actions, necessary resources, and possible barriers you could face should hackers break through your defenses.

Designate an incident response team to develop and maintain a comprehensive response plan. In addition to IT staff, your team should include senior managers, key operational employees, and even board members. Keep a copy of your plan offline—a cyberattack could lock you out of your systems.

Establish relationships with external resources and experts. Know who you’ll call for specialized knowledge and advice if you have a problem. That could include a cyber incident response firm, data forensics experts, data privacy legal counsel, the association’s cyber insurance broker, and communications/public relations professionals.

Assess the plan periodically under various incident scenarios. Conduct cyber-attack drills for team members to practice their response steps, improve familiarity with how the response unfolds, and identify potential problems. This kind of “dry run” can reduce stress levels and improve the speed and performance of implementing your plan during an actual event. 

Understand your incident to-do list.

After an attack, every minute counts. Stay calm and react quickly but methodically, using this checklist as a general guide.

Activate your incident response team. Make sure that everyone designated with oversight duties knows their role. Inform board members of the attack and the appropriate responses taken.

  • Consult your insurance broker to discuss insurance policy incident notification requirements. Your insurance broker can work with your cyber insurance carrier to outline the appropriate first steps and the optimal process to engage carrier-approved vendors. This ensures you’ll have the right resources charging the right rates and that you’re adhering to your insurer's terms and conditions, so you receive your full policy benefits.
  • Engage your legal team. Involve approved breach counsel at the onset to determine appropriate actions that fulfill legal obligations, manage potential liabilities, and prepare for the possibility of future litigation or regulatory investigation.

Conduct a thorough damage assessment and implement the appropriate response plan.

  • Identify the threat and try to isolate affected systems to prevent further damage. Resolve the vulnerability that allowed the incident, if possible.
  • Preserve and document evidence related to the incident. In your haste to restore data, take care not to destroy evidence that could help law enforcement identify the attackers or be used in their prosecution.
  • Address the most urgent priorities. Mitigate the impact of the incident, repair systems, restore data, and strengthen security.

Work closely with your forensic investigation firm and other incident response experts. If necessary, assist with the negotiation process and prepare for secure and lawful extortion payment. Provide support to restore full operational status across the organization.

  • Report the incident to appropriate law enforcement and regulatory agencies. They may be able to assist in the investigation.

Contact your bank if your account has been compromised.

  • Report the fraudulent incident to your bank’s fraud response unit.
  • Work with your bank to try to recoup funds.

Craft your communications plan.

  • Talk to an insurer-approved public relations and communications team about the best ways to communicate about the incident with your staff, homeowners, and other public-facing audiences.
  • Verify and comply with legal requirements to notify those affected by the incident and offer credit monitoring and/or identity theft restoration services as approved by your insurer and advised by your breach counsel.

Be ready if a cybercriminal strikes.

Learn how to respond after a cyberattack. Truist Association Services has a team with more than 35 years of experience dedicated to homeowner and community associations. We can help you plan for and respond to cyberattacks and other threats that put your association at risk. Call us at 888-722-6669, or visit Truist.com/AssociationServices.

Purple PaperSM

Digital Transformation

Learn how you can put advanced technology to work for your business.

Related resources

Association Services

(Video) Standing for better: Truist Association Services

Association Services

(Video) Payment options with Truist Association Services

Association Services

(Video) Better financing with Truist Association Services

Stay informed and get connected

Looking for fresh thinking and new insights to help uncover opportunities for your business needs?

Helpful links



Connect with Truist Association Services

Talk to your Truist Association Services relationship manager about how Truist can help meet your financial needs. To learn more, contact us at 888-722-6669 or visit us at Truist.com/AssociationServices.

Sign up for monthly articles on Business Insights

Sign up to receive our business insights, thought leadership, and client success stories that can help inspire your next bold business move.

Please enter a first name
Please enter a last name
Please enter a valid email address
Please enter a company name
I'm also interested in: Please select a campaign option