Be aware of cybersecurity best practices

While staying prepared for an attack will help mitigate problems when one happens, there are steps you can take to reduce the risk of an attack in the first place. The recent WannaCry ransomware attack that disrupted NHS operations spread around the globe by targeting unpatched systems. Be sure that your firewalls, servers and other infrastructure are kept up to date and that you have perimeter security that will filter malware before it burrows into your network. For more tips on preventing an attack, visit the BCAW page.
Practice your business continuity plan

Having a business continuity and disaster recovery (BC/DR) plan in place is the best possible defence against disruptions caused by ransomware or another cyber attack. A plan that isn’t regularly tested, though, may have unexpected problems that could hinder your recovery. Here are some of the benefits of testing your BC/DR strategy:

Validate recovery time

BC/DR testing helps establish achievable recovery time objectives (RTOs) – the amount of time within which specific business functions must be restored. Some businesses, such as those in the healthcare and financial industries, also must adhere to regulatory requirements for maintaining a certain level of uptime and protecting sensitive data. Whether you have compliance requirements or just need to maintain your ability to meet your customers’ expectations, testing enables you to validate your ability to meet those requirements.

See how well recovery processes flow together

Recovering from a ransomware attack typically requires several critical operations to occur at the same time. The data recovery process needs to begin, employees might need to move to alternate workspaces, and you’ll need to run applications on backup systems. Exercising these operations simultaneously during a BC/DR test will reveal how efficiently they can be performed in a real-life scenario.

Clarify communication protocol

When a business disruption occurs, collaboration and effective communication among participants and stakeholders are necessary for recovery and for clarifying the roles of personnel during an outage. By taking your communication protocol through a trial run, you can better prepare your organisation to execute the BC/DR plan effectively in the event of an interruption.
Address gaps in your business continuity plan

During high-pressure situations like ransomware attacks, it’s easy to remember key processes such as communications and data backup, but other issues can be easy to forget about when you’re rushing to meet RTOs. Testing enables you to focus on key elements of that plan that can slip through the cracks, such as security protocol and proper documentation of the recovery process.

Set realistic expectations for an attack response

If you and your service providers have different expectations about what happens immediately after an attack, it becomes difficult for those expectations to be met. BC/DR testing enables you to set realistic, clear objectives to be carried out when an outage occurs. It also allows you to establish a point of contact for end users, clarify who is responsible for recovering data and determine who will troubleshoot issues during the recovery process.

Having a BC/DR plan is one of the first steps toward preparing your business to overcome a ransomware attack or any other potential business disruption, but testing and practicing your response is the only way to give you a true understanding of what’s going to happen and how well your business can recover.

Paul Barber is an infrastructure manager from managed service provider IT Specialists