When developing a BCM plan for your business, the first thing you should do is consult with members of your senior management team to determine what type of disaster would be detrimental to their ability to conduct business. You can then take that information and compile it into a section of your plan. There are several types of disasters that could destroy your company’s ability to conduct business. Some disasters that are often overlooked include the loss of data, interruption of utilities and transportation, human resource issues, terrorism concerns, cyber-attacks including denial of service, earthquakes and inclement weather.
Following the development of your BCM plan you should train your employees on all aspects of emergency procedures. Testing is an important part of the training process. Testing not only ensures that your employees understand their roles and responsibilities it can also help you monitor how well your BCM plan is working.
In this article we’re going to focus on cyberattacks and how to prevent them and recover if they do happen.
Cyber-Attacks
Cyber-attacks are a growing threat to businesses of all sizes. The effect a successful cyber-attack can have on a business varies from complete disruption to only a small slowdown in operations. What is certain, though, is that the effects can be devastating.
An expert IT Company can offer guidance to companies on how best to secure their computer systems and networks against attacks. They will also be able to assess the vulnerable areas of your business or organization, define security policies and procedures that help control access to sensitive data, monitor network usage for suspicious activity (including investigating the source of any security breaches), carry out penetration testing amongst other services.
To ensure you are prepared for a cyber-attack there are several things you should include in your BCM plan:
– You should create and maintain a list of external and internal network contacts that you will need to contact if your systems are ever compromised. This list should include ISP’s, network administrators, antivirus vendors and computer emergency response teams (CERTs), just to name a few. Maintain the telephone numbers for each company as well as their contact’s names and titles.
– You should also create a list of important files that should be backed up. These files should include accounting records, mission critical documents, intellectual property and management reports. The frequency of backup varies from one company to another depending on the size and amount of data stored. A good rule of thumb is to back up files at least weekly and to have a secure backup in an off-site location.
– If your BCM plan includes the use of mobile devices, you should include procedures for securely backing up data with encryption if possible. For example, if employees use laptop computers that store customer or company information then they should encrypt the hard drive on that computer before traveling.
During a cyber-attack you should follow this protocol:
– You should immediately disconnect your systems from the internet and any other networks they share. If the attack is widespread, disconnecting your systems could be very difficult. If so, you will need to contain the vulnerability as best as possible until it can be resolved. Shutting down email, web sites and other applications may be necessary during this time.
– Send all employees home until the vulnerability has been resolved or until it is safe to return to work. You should also consider placing a hold on deliveries of packages and mail for a period of time. If you maintain a list of preferred carriers you can provide them with specific instructions to cease deliveries during this time.
– If you are able to contact your service providers, work with them to implement a continuity plan while the vulnerability is being addressed. This may include contacting ISP’s and other vendors for assistance in mitigating or blocking threats originating from your network. You can also inform utility companies of the outage so they can minimize disruption to services.
– If a cyber-attack results in the loss of data, you may need to hire a forensic investigator to determine if any confidential information was accessed or compromised during this time. You should also notify the proper authorities immediately after assessing the impact of the attack. This will help prevent other companies from suffering what happened to you and it could lead to the prosecution of those responsible.
