So, you discover you’re the victim of a security breech or a malicious cyber attack. Your first instinct is to panic. Tear up your servers. Trash the system. Start fresh.
Slow down. Count to ten. If you’ve developed a plan you just need to trust it. That’s why developing a road map now is crucial to help ensure your team takes the smartest and shortest path to recovery. By taking steps today, disruption can be minimal, or at least minimized.
Not if. When.
As we’ve pointed out in previous blog posts, such as our post about three recent Cyber Attacks, security breeches, malware and other cyber attacks are not ‘if’ you’ll be hit, but ‘when.’ Per Information-age.com, citing a report by SailPoint, 60% of all companies expected to be breeched in 2017 “with 29% believing they won’t even know they were breached when it happens.”
There are plenty of things you can do to protect your data and minimize threats and we’ve detailed many of them in earlier articles. These include citing the importance of keeping regular backup data offsite, such as in the Cloud, and ensuring email security.
You will not only need to create a Disaster Recovery Plan but be able to execute it. So if its indecipherable and overly complicated, with multiple layers that may or may not be relevant, it will only slow and bog you down. Your Disaster Recovery Plan should include a full list of your assets, databases and more … but here are some things you should think about, too.
- Pre-approve spending
Things can get pricey. So create a Business Impact Analysis (BIA) now that evaluates all the expected costs, including the loss of cash flow, replacement of equipment, renting new office space (in the case of a natural disaster) and even the salaries paid to catch up on a likely backlog of work. Attacks might happen on the weekend, or late at night, but pre-approving spending on various solutions can quicken decision making when the times comes to make them.
- Name the team
According to the website disasterrecovery.com, “The organization should form a Disaster Recovery team that will assist in the entire disaster recovery operations. The team should be composed of core members from all departments with representatives from the top management. The team will also be responsible for overseeing the development and implementation of the DR plan.”Team members should attend meetings and remain up-to-date regarding company policies. Individual responsibilities should be well-defined. Contact information should be available for every member, including how to reach them if all business systems are down (such as with personal phone numbers and home addresses).
- Find vendors
Full recovery may take more hands than you have on staff. What external help will you need, such as lawyers or PR experts? A list with names and approved partners will be one less thing to worry about later.
- Ensure you keep things current
Policies change. Inventory changes too. If your DRP isn’t up to date, it’s insufficient. Your Disaster Recovery Plan should include procedures for maintaining and updating the plan, with regular review by the Disaster Recovery team.
- Develop testing protocols
According to Milind Kulkarni, VP of product management for network resilience company Veriflow, as quoted in a recent article on CSOonline.com, “Just having a DR plan isn’t enough. The plan needs to be regularly tested, and people need to practice procedures, just like a school prepares its students for fire and emergency drills on a regular basis. If not regularly practiced, the plan is ineffective.”
- Act Now
Making a plan can be a lot of work, and we all know that time is valuable. That’s why Single Path partners with companies like yours to analyze, plan, educate and protect. We can put the processes in place that will minimize any damage, and protect you from many attacks. But we’re also there to help you when you need it. For example, among our many comprehensive offerings is Malware Outbreak Services. Like a trauma team in the ER, our Malware Outbreak Service Team has the processes and tools in place to clean up a breach. Our sophisticated software can identify what happened. Our team will also perform vulnerability scanning to see what data might be compromised.