5 Steps You Need to Take Now to Make Your DR Program Cyberattack-Ready
The last century – especially 1980-2000 – was a simpler time for organizations planning their disaster recovery (DR) response. They focused primarily on natural disasters that were not likely to occur and gave little attention to testing to see if they could actually execute DR. Because it was seen as unlikely to be needed funding and prioritizing testing of the plan was always a challenge.
Things are much different now. The attacks of September 11, 2001 were the first event in many IT professionals’ careers where DR plans were put to the test on a large scale. Many businesses failed as a result due to the inadequacies of their plans. Today, cyberattacks have elevated the importance of DR planning to an entirely new level. Most companies today realize that the proper posture to take regarding cybersecurity attacks is “it is not a matter of if, but when they will experience an attack. This sobering perspective demands a new level of planning, insurance and company buy-in. The casual days of disaster recovery are over.
Data breaches. Ransomware. Fileless malware. It is inevitable your business will suffer an attack. The reality is with today’s sophisticated and highly automated attackers most companies experience multiple attacks on their enterprise whether they realize it or not. Veristor works daily with organizations coming to terms with cybersecurity threats and sees the risks that can result from vulnerable architectures, out-of-date software and inadequate policies. We help our clients integrate segmented architectures, multi-level defenses, hardware and software patching, policy updates and user education to create a secure IT foundation.
Seeing firsthand the pitfalls, and knowing the solutions, we offer these steps you should take now, to make your DR program a 21stcentury, cyberattack-ready defense.
- Determine your Risk Level.The first thing you need to do is a risk assessment, and it needs to go beyond compliance. It must also look at cybersecurity risk which includes an analysis of the assets to be protected, the acceptable level of risk the business is willing to take and the controls (people, process and technology) the business must put in place to execute the plan. In addition to business insurance, cybersecurity insurance is key.
- Spend Now or Spend More Later. The single biggest mistake financially an organization can make is not to spend the correct resources to properly protect the business. In nearly every public incident in the past few years, the cost of mitigation was many times what the cost of prevention would have been. Additionally, the costs to the reputation of the business and its leadership were huge, often resulting in declining revenues and the resignations of multiple board level executives. In addition to buying the tools, the investments must be made in time and training to make sure that the business responds effectively when an incident occurs.
- Plan as if Your Business Depends on it for Survival. You don’t want to navigate your way through a disaster on the fly. While we tend to focus on cyberattacks, it’s best to anticipate many different types of disasters – natural such as flood or tornado, datacenter outage, or a malicious disaster such as a hacker or disgruntled employee – and have a plan for each. Make sure your insurance covers each type of disaster and most importantly, have a backup/business continuity plan in place. Make sure you prioritize things like tabletop exercises
- Get Everyone on the Defense Team to Make Sure All Stakeholders Know their Internal and External Roles. Conduct regular tabletop exercises so everyone in the organization understands their role, dependencies on others, applicable tools and technologies and most importantly the communication plan – when, what and who will be communicating both internally and publicly. As we have seen from several incidents over the past year, the long-term impact of a data breach or other cybersecurity incident is greatly affected by how leadership communicates to the general public and their customer base. Poor communication or poor execution of a plan in an incident will cause much harm to a company’s reputation, even if the technologies perform flawlessly. It’s not just an IT and Finance issue. It involves everyone.
- Think through the Many Aspects of Successful DR. Make sure you test your plan on a regular basis and that you have a written plan, so everyone knows what to do in the event of a disaster. Think through all the details including where people will report to work, what devices they will work on, and which systems to get back on line first. Also have all your software vendors with your contacts and license numbers so there is no interruption in your software usage and it can be authorized for a different machine.
See more tips in this Search Disaster Recovery article which includes some of our recommendations. Then, click here to talk with Veristor about your disaster recovery defense plan. We’ll work with you to get your DR strategy up to the strength level you need to recover quickly and cost-effectively.