It seems now more than ever we’re seeing multiple news reports of ransomware attacks and their devastating consequences for organizations. It’s important to know that hackers don’t care what industry you work in; no organization is immune to cyberattacks. Most ransomware attacks are targeted at organizations with 250 or fewer employees. According to our panelists, around 60% of small businesses that suffer a cyberattack end up shutting down permanently. Preparing action plans to prevent or recover from cyberattacks is an important factor in keeping your business alive.
Previously, we’ve discussed ways to avoid ransomware attacks, but today’s focus is how an organization can recover from ransomware or cyberattacks. Below are our key takeaways from our most recent discussion on what you can do to prepare, prevent, and protect your sensitive data when a ransomware attack occurs.
- The Human Firewall: The most common source of a ransomware attack is an INTERNAL source. You’re most vulnerable to attacks through human error (i.e. your employees), which makes educating your staff on cybersecurity your best line of defense when creating an action plan.
- Understand your data: as an organization, you need to know what type of data you have. Examples would be personal identification data or personal health information. By conducting a data assessment, you can learn what data you have, where it is located, who would want it, how they would get it, and what the impact would be.
- Create a Response Team: make sure you have an incident recovery team (be it in-house or 3rd party insurance/legal counsel) that has access to your organization’s security and privacy policies and procedures (updated annually) so they can assist in recovering from the attack according to your pre-determined recovery plan.
- Cybersecurity Risk Assessment: a good offense is the best defense. To assess your organization’s current risk, you should focus on analyzing your backup operations, completing internal/external vulnerability scans, evaluating existing security awareness training, reviewing your incident response plan, and evaluating your corporate culture associated with cyber event reporting/observation.
- Cybersecurity Insurance: hire an expert to create policies that are specific to your organization, so that IF you are attacked, you have the means to recoup your loss and be made whole.
- Vet your Vendors: make sure that you have really strong contracts in place with your vendors to make sure that your data is secure and ASK THE RIGHT QUESTIONS. You should ask vendors if they have the appropriate security certifications and cybersecurity insurance. Have they had any breaches in the past two years? Do their employees receive periodic training? Do they have a crisis management plan? Will they sign an NDA?
If you would like to learn more about the recovery process, reach out to Cat Edmonds at firstname.lastname@example.org