By Phoebe Parsons | Account Executive at claireLOGIC
The first of our three exciting Disaster Masterclass events took place at Blenheim Palace last week. We had some amazing speakers from organisations such as Datto and Microsoft (Vuzion), who spoke about the importance of preparing your business against a business disaster!
Cybercrime – and fraud against businesses – is at an all-time-high and will only continue to increase. Microsoft, as a security vendor analyses 6.5 billion threat signals every single day, leading to the discovery of 5 billion threats detected on devices every month alone… have you ever thought that this could easily be targeted at one of your business devices?
The worrying part about this is, that these threats put your business at risk of significant data and financial loss. Therefore, it’s important your business is prepared in case of a cyber disaster – you don’t want to be part of the 60% of small businesses that go out of business as a result of a cyberattack.
All the experts agree that first-and-foremost, it’s vital that your business is well-educated and has the correct policies in place to protect against cyberattacks. For example, do your employees know how to spot a phishing email? And do you have an adequate password policy with Multi-Factor-Authentication (MFA) turned on?
Secondly, experts have outlined the reasons why a company needs to have a business continuity solution should it be unfortunate enough to experience a successful cyberattack, or an ‘act of God’ disaster. Posing the question, what would happen if your employees were unable to access any of their crucial data? This is especially important in relation to ransomware – where attackers hold your data to ransom and try and extort money for the data’s ‘safe return’.
Having a business continuity system in place that continually backup your organisational data, i.e. like those provided by Datto, allows you to reduce this risk as you can simply restore access to your systems from a previous backup. This means you won’t find yourself in a position where you have to pay a ransom fee for your data (which almost certainly won’t even get you your data back anyway). It also means that, with the help of your Managed IT Service Provider, the financial loss as a result of business downtime will be limited because your business can quickly return to operation.
A crucial point was made by Jack Cooke – at Datto – that backup isn’t enough. If it takes your organisation weeks to spin your IT systems, then this backup is nowhere near enough mitigation against the risk. A safer solution would be a dynamic business continuity solution that enables you to continue to work even if the worst happened.
Finally, in order to be fully prepared against a cyber disaster it’s important to have fail-safes and mitigation methods outside of the technology. This, for example, means having a cybercrime insurance policy. Should all else fail, the right cyber insurance policy could protect you against some of the significant financial implications of a cyber disaster. Depending on business size and annual turnover, cyber insurance policies, such as those offered by Macbeth Insurance Brokers & Financial Services, can be available from as little as £1k.
It’s also important to consider the impact a cyberattack or improper disaster planning could have on your business reputation and your brand. For example, how would your clients react to the knowledge that their private and confidential data has been accessed and potentially shared or sold on the Dark Web. Therefore, it’s important to have a crisis communication plan in place. This will help ensure your business is able to appropriately communicate the disaster to stakeholders and manage any negative press.
A Crisis Communication’s Plan will always be unique to each business, but when it comes to cyber related crisis communication, a fundamental element of all plans should include the reporting the incident to the relevant authorities – in most cases, Action Fraud. So regardless of your business’ industry or size, this all needs careful consideration and planning.
Each layer of business protection has its own specific benefit. However, it is important to note that none of these methods are mutually exclusive – having a data backup solution will allow you to maintain your business’s data but may not always fully protect you from any downtime. Similarly, an insurance policy that covers financial loss, won’t be able to bring back your data. Therefore, all the expert speakers at our event agree and recommend combining these mitigation methods where possible, to ensure your business is fully prepared in case of a disaster.
Hear from the speakers…
We are hosting another two events in November within The Thames Valley