Does your business continuity planning include what to do in case of a cybersecurity disaster?
Emergency preparedness is essential for smooth emergency response – and the faster you respond to an emergency, the better. September is National Preparedness Month. As you’re reviewing the other disaster preparedness plans in your life, it’s time to make sure that your business continuity planning is still up to date, especially around cybersecurity.
We’ll be covering a different aspect of Cybersecurity Disaster Preparedness Planning every Thursday in September including business continuity, cybersecurity incident response, the anatomy of a data breach, and lessons learned from the COVID-19 pandemic to give you the information that you need to update your Cybersecurity Disaster Plan for 2021.
You Do Have a Cybersecurity Disaster Plan, Right?
Do you have a plan for what to do if you have a data breach? How about if you can’t access your offices? What if one of your key team members is unable to respond to an emergency. Or, if some other cybersecurity disaster occurs, like a ransomware attack or a malicious insider incident?
Every business should have a Business Continuity Plan. It’s essential that everyone be on the same page and ready to mitigate damage in the event of a disaster. Whether it’s a cyberattack, a Dark Web fueled hacking incident, natural disaster, a pandemic, a weather event, or something more dire, disaster can strike at any second – as we all learned this spring when the COVID-19 pandemic became part of our lives.
Protect Your Business From Today’s Biggest Threat with Graphus: Automatic Phishing Defense
Every Detail Matters
Kaseya offers an excellent eBook on business continuity planning that can help you get started making a plan to protect your business and keep it going in times of trouble. With step by step instructions and easy to follow charts, it’s a good starting point as you determine what you need to take into account to create an effective business continuity plan.
When it comes to cybersecurity considerations in your business continuity plan, it’s essential to start at the most basic level and build out to make sure that you’ve covered every angle. Mitigating the damage from a social engineering attack is very different from defending against a ransomware attack. Each type of incident will require its own response.
Here are a few steps to take when creating your cybersecurity disaster plan that can help you determine what individual disaster scenarios your business might face in terms of cybersecurity, and help you build a plan to make sure that your business is covered.
- First list all of the potential cybersecurity disasters that your business may be at risk for, like a data breach.
- Then, under each topic, create a quick, general list of the steps that you’d need to take to handle that emergency. If someone exfiltrates the plans for your newest product, who should be the first point of contact? Who coordinates that response? What is needed to mitigate or repair damage? Who has access to the things that your POC needs?
- After that, take each step further by listing exactly how to complete it, like exactly who has access to certain systems. For example, list all methods that you have to reach the POC for that emergency – business cell, business email, home cell, home phone, personal email, messaging applications, social media profiles, etc.
- Write down everything to the smallest and most exact detail. Do not assume that you or anyone else with your level of knowledge is going to be following this plan – write it like it’s going to be enacted by a stranger. Are you using a secure identity and access management solution that will require multiple identifiers before granting user access? Where is information like passwords or keys kept? How is that accessed? Who knows how to take these actions?
- Review the plan with a trusted outsider like a cybersecurity consultant to make sure that you’ve covered all of your bases.
- Go over the plan and their roles in it with the people who would be involved in executing it. Make sure that you’ve accounted for everything that they would need to do their job as outlined in the plan, especially if the plan can or will be executed remotely.
- Make sure that the plan is kept securely in a place that your most trusted staffers and executives can access in case of an emergency but away from potentially malicious prying eyes, so they can quickly get started on executing it in case of an emergency.
Don’t miss this epic FALL 2020 trilogy & the knowledge you need for a successful 2021
Keep Important Information Accessible but Protected
One of the easiest ways to make sure that everyone has access to what they need to begin remediation and recovery in the event of a cybersecurity-related disaster is to use a Secure Shared Password Vault, a feature that is included with Passly. With a Secure Shared Password Vault, companies are more easily able to make sure that staffers have access to essential administrator and privileged user credentials, but they’re stored securely to keep them safe from cybercriminals.
In your Secure Shared Password Vault, you can store the credentials that techs would need to reset servers, access backups, perform administration tasks in business applications, unlock devices, and other essential functions that may be required to mitigate damage or restart systems in case of emergency. Plus, by putting those credentials in secure cloud storage, you reduce the danger of staff password sharing and ensure that they can be accessed whenever they’re needed, anytime, anywhere, eliminating the need to track someone down for a password in tumultuous times.
Create Less Stress When You’re In a Mess
No business is disaster-proof. Your business will experience problems, and not having a concrete plan for solving them will cost you time and money. By creating a clear business continuity plan and including emergency responses for potential cybersecurity disasters, you can make sure that your business is ready for anything and able to keep running no matter what challenge crops up.
Our Partners typically realize ROI in 30 days or less. Contact us today to learn why 3,000 MSPs in 30+ countries choose to Partner with ID Agent! LEARN MORE>>
See our innovative, cost-effective digital risk protection platform in action. WATCH DEMO VIDEOS>>
Contact us to schedule a one-on-one call to see how we can grow your business. SCHEDULE IT>>
FOLLOW US ON SOCIAL MEDIA!