If you aren’t planning on how your company will bounce back from a potential cyberattack, your IT security strategy is incomplete. Because the tactics that cybercriminals use continue to evolve, reaching more people and businesses, the probability that your company will experience a breach is high and a study by Nationwide Insurance (see chart below) shows that most businesses don’t have the documented plans that are needed to effectively recover from a disaster such as a cyberattack. Following are four plans that would help your company to develop the resilience needed to recover from an attack and reduce the possible impact on your business.
Someone just discovered a breach. Now what do you do? This is when your Incident Response Plan kicks into action. The objective is to stop or contain the damage. When addressing cyber incidents, this part of your IT security plan provides details about the responsibilities and authority that people in your organization have to take action. While you can’t predict exactly what might be affected by an attack, you can document procedures that could be used to shut down all or part of your network. The documentation needs to provide enough instruction that you avoid relying on any one person to have the technical knowledge to implement measures.
You just stopped the attack. Now what do you do? This is when you need your Disaster Recovery Plan. This plan documents how you will get your technology up and running again, whether it’s because of a cyberattack, natural disaster or some sort of accident. When you create a Disaster Recovery Plan you will set up a backup system based upon the amount of downtime that your business can tolerate. The documentation will include how to use the backup data and systems to restore business processes. Training and practice are integral to effectively using the procedures
People are going to find out about the breach. What do you do? Your Communication Plan comes into play to help you protect your reputation by documenting who is to be the spokesperson and what channels of communication will be used to reach people internally and externally. Providing people with the information that you want them to have is the best way to combat rumors and inaccurate stories. One of the most damaging repercussions of a cyberattack is loss of trust. Appropriate communication with customers, employees and vendors will signal that you have control of the situation and de-escalate fears.
Your Business Continuity Plan could encompass everything that is included in your Incident, Disaster Recovery and Communication Plans, but creating this document is even more comprehensive. Its prime objective is to restore business functions so that the company can resume revenue producing activities.
Beginning with analyzing your exposure to risks, and their potential impact on your business, the process of creating this plan requires you to identify which business functions are critical so that you can document the processes you’ll use to recover, if and when you experience a disruption.
In assessing risks, possible prevention measures can be included, and as with the other plans, training and practice are essential so that people can think on their feet and respond with the procedures that you have already decided will be the best way to lessen impact on the business.
While you should create and own your business continuity plan, you will probably need to rely on your IT support company to participate in the technical tactics. Thriveon’s proven process addresses Security as one of the seven facets of a comprehensive IT Strategy, and we assist clients with creating strategies that prevent and mitigate the risks of cybercrime.
To discuss how including IT security and strategy can help make your business better, please request a meeting.