We’ll let you in on a little secret. Cyberattacks have been increasing in number in the past few years. All you have to do is to look at this infographic and you'll notice this fact.
And if that infographic isn’t enough, here are a few more stats:
- Market research analysts at Gartner say that there will be $170.4 billion in revenue for the global information security market in 2022.
- Cybersecurity company Proofpoint states that 88% of organisations worldwide experienced spear-phishing attempts in 2019.
- Risk Based Security claims that data breaches exposed 36 billion records in the first half of 2020.
- According to Verizon, an American wireless network operator, 86% of breaches involved financial gain and 10% involved espionage.
Great, now that we have your attention, how do we go about disaster recovery planning?
How to respond to cyberattacks
An incident response plan (IRP) is the first step in disaster recovery planning, and it must be tailored to the cyber risks facing your business. As a guideline, follow these high-level steps when creating your IRP:
Preparation: Identify employees and partners who will respond to incidents and prepare to handle them. It is imperative that responsibilities are clearly defined in the event of a cyberattack.
Detection: Ensure that your network is constantly and comprehensively monitored. Identify minor events from major ones and establish escalation procedures for each.
Containment: Isolate the infected system and investigate the cause of the intrusion.
Recovery: Eradicate the source of the intrusion (blocking malicious IP addresses, changing passwords, patching holes, resolving vulnerabilities etc.) while complying with regulatory requirements. A company's brand and image must also be protected during this time.
Post-incident review: Bring together stakeholders to discuss lessons learnt and identify security gaps to prevent similar incidents from reoccurring.
Maintain your IRP: When creating an IRP for your specific company, it's important to perform annual (or more frequent) reviews of the IRP and periodic training of the designated response team.
Cybercriminals will have an easy time targeting your organisation if it does not have a cybersecurity programme in place.
The days of only relying on antivirus software and simple firewalls are over. According to the Cyberchology: The Human Element of Cybersecurity report: "80% of businesses have seen an increased cybersecurity risk caused by a human factor.” Cyberthreats can come from any level in your organisation. It is imperative to train your staff about scams like phishing and advanced cybersecurity attacks like ransomware (think WannaCry) and other malware aimed at stealing intellectual property.
Provide full disclosure
Ensure that employees, customers and the public are notified of a crisis. Failing to inform them can only make things worse. An important crisis management best practice is full and immediate disclosure of cyberattacks. For example, Uber's attempt to conceal a cyberattack exacerbated an already difficult situation. According to the Wall Street Journal, Uber later: "... reached a nationwide settlement to pay a $148 million penalty to settle allegations it intentionally concealed a 2016 data breach”. You certainly don't want to find yourself in a similar situation, so make sure everyone knows when a data breach has occurred.
STS secures your information
For business continuity and future growth, it is imperative to be able to recover from a data breach and resume operations. We have a range of solutions dedicated to help you recover from a cyberattack. These include:
Disaster Recovery as a Service: Keep your applications and software available at all times with our Disaster Recovery as a Service (DRaaS).
Back-up solution: Protect your data from internal and external threats with tailored back-up solutions.
Contact us so we can discuss these solutions in more detail with you. Together let’s bolster your disaster recovery planning.