Unfortunately, many SME owners don’t treat their business like their child when it comes to creating a business continuity plan – protecting it from all possible threats. Cybercrime is one of the fastest growing criminal enterprises, and it’s a potential pitfall for which many SMEs don’t prepare.
“We’re too small,” SMEs say. “Hackers won’t be interested in attacking my business. We’re not big enough.”
That couldn’t be further from the truth, as one SME in Scotland found out. In late 2015, a hair salon had its business disrupted when ransomware – malware that encrypts and holds data hostage until a ransom is paid – blocked access to the salon’s appointments, wage details, client histories and more.
Against the recommendation of experts, the owners paid the ransom of about £840 to unlock some data. Appointment data was completely erased, forcing the salon to scramble to confirm appointment dates and times.
Though £840 might seem small on the surface, consider how much the salon lost during the attack. How much time and effort went into reconstructing the appointment data after the ransom was paid? And now that hackers know this particular SME is willing to pay, how many more times will it be hit in the future?
With Business Continuity Awareness Week having looked at cyber resilience, here are some cybersecurity tips – and how practicing your business continuity plan will help you stay prepared.
Be aware of cybersecurity best practices
While staying prepared for an attack will help mitigate problems when one happens, there are steps you can take to reduce the risk of an attack in the first place. The recent WannaCry ransomware attack that disrupted NHS operations spread around the globe by targeting unpatched systems. Be sure that your firewalls, servers and other infrastructure are kept up to date and that you have perimeter security that will filter malware before it burrows into your network. For more tips on preventing an attack, visit the BCAW page.
Practice your business continuity plan
Having a business continuity and disaster recovery (BC/DR) plan in place is the best possible defence against disruptions caused by ransomware or another cyber attack. A plan that isn’t regularly tested though may have unexpected problems that could hinder your recovery. Here are some of the benefits of testing your BC/DR strategy:
Validate recovery time
BC/DR testing helps establish achievable recovery time objectives (RTOs) – the amount of time specific business functions must be restored. Some businesses, such as those in the healthcare and financial industries, also must adhere to regulatory requirements for maintaining a certain level of uptime and protecting sensitive data. Whether you have compliance requirements or just need to maintain your ability to meet your customers’ expectations, testing enables you to validate your ability to meet those requirements.
See how well recovery processes flow together
Recovering from a ransomware attack typically requires several critical operations to occur at the same time. The data recovery process needs to begin, employees might need to move to alternate workspaces, and you’ll need to run applications on backup systems. Exercising these operations simultaneously during a BC/DR test will reveal how efficiently they can be performed in a real-life scenario.
Clarify communication protocol
When a business disruption occurs, collaboration and effective communication among participants and stakeholders is necessary for recovery and for clarifying the roles of personnel during an outage. By taking your communication protocol through a trial run, you can better prepare your organisation to execute the BC/DR plan effectively in the event of an interruption.
Address gaps in your business continuity plan
During high-pressure situations like ransomware attacks, it’s easy to remember key processes such as communications and data backup, but other issues can be easy to forget about when you’re rushing to meet RTOs. Testing enables you to focus on key elements of that plan that can slip through the cracks, such as security protocol and proper documentation of the recovery process.
Set realistic expectations for an attack response
If you and your service providers have different expectations about what happens immediately after an attack, it becomes difficult for those expectations to be met. BC/DR testing enables you to set realistic, clear objectives to be carried out when an outage occurs. It also allows you to establish a point of contact for end users, clarify who is responsible for recovering data and determine who will troubleshoot issues during the recovery process.
Having a BC/DR plan is one of the first steps toward preparing your business to overcome a ransomware attack or any other potential business disruption, but testing and practicing your response is the only way to give you a true understanding of what’s going to happen and how well your business can recover.
Paul Barber is an infrastructure manager from managed service provider IT Specialists