A recent cyber security report found that just 11% of IT budgets go into incident response, disaster recovery, and infrastructure security.
This could be a dangerous underinvestment.
While it’s vital to keep your data and infrastructure protected with a layered, multi-stranded approach, no network can ever be protected from 100% of attacks. Even if it were possible, it would make your systems hard to live with, and would certainly destroy productivity.
That means you need a cyber resiliency plan to help you respond to any cyber attack that does get past your defenses. It requires different thinking to your other resilience plans around physical disasters.
In the case of a flood for example, your incident response might be to get cleaned up, find a temporary work location and get your systems online again. But in the case of a ransomware attack, you’d need to investigate how the attack occurred, locate and patch the holes in your defenses, and remove all traces of the attack from your systems.
For a cyber attack, you’ll also have a different RTO – a Recovery Time Objective – which defines how quickly you expect to get back up and running. Your resiliency plan should define that RTO, so that you understand what downtime costs you’ll be facing.
Where do you start? We recommend:
- Improving your security: Hopefully you’ve already ticked this one off. Make it as hard as possible for crooks to access your systems, without creating measures that are so hard to live with that they interfere with the smooth running of your business.
- Monitoring your systems: The sooner you detect an attack, the faster you can respond, which will minimize any damage. You should always be monitoring for suspicious activity and staff should be trained to spot warning signs.
- Responding swiftly: Your response plan should be available to everyone in the business, and should include information on who to report a suspected breach to, and all the steps that should be taken.
- Making recovery easier: Once an attack is under control it’s time to recover. That means having a good backup in place, and a rehearsed plan for restoring your systems.
If you need help with cyber resiliency, or other disaster recovery plans, get in touch today.