How can a business continuity plan can minimise the impact of a cyber-incident?
Find out why a business continuity and disaster recovery plan is the best response after a cyber-attack from industry expert, Scott McKean.
Why you should be preparing for cyber-attacks like any disaster
Organisations are increasingly being affected by unexpected outages or malicious cyber-attacks.
As the frequency of them occurring grows globally, many businesses are planning for cyber disasters just as they would with physical ones. Interactive’s Chief Security Officer, Scott McKean, sat down with us to discuss how a business continuity plan can help reduce the impact of a cyber-attack and how all businesses should have these elements in place.
The impact of a cyber-attack
In the event of a physical disaster, like a flood or a fire, most businesses have planned to not have access to their building and made proactive alternative working arrangements to minimise the impact on operations. In a cyber incident, businesses can be denied access to these key, but the repercussions can be much greater as additional collateral damage can occur beyond the physical.
McKean cites the example of a business he’s encountered with an annual turnover of $75 million completely locked out of its environment through a ransomware attack. It struggled to recover the data and the business didn’t survive that outage. The ransomware attack resulted in a loss of productivity and credibility for the business, but it also impacted the lives of its employees as many people lost their jobs.
McKean says that without a business continuity and disaster recovery (BCDR) plan, businesses face certain chaos in the event of a disaster with teams not knowing who to call, where to start with the recovery process, and how.
Key elements of a BCDR plan
Being prepared and having a well-practiced BCDR plan in place is key to a business recovering in an efficient and timely manner after any event, but how do you know if your plan is up to scratch?
The first thing a strong BCDR plan needs is clear communication on key roles during an incident from a single, updated source of truth that everyone in the team can rely on. Key stakeholders change and business systems change, so understanding and documenting what a business’s critical assets are and where the critical data is are especially important.
“You need one up-to-date source of truth that everyone can rely on. For example, a business should organise a document outlining ownership and key elements of assets across the company. Having this important information on hand will help businesses execute immediate and effective decisions when facing a disaster,” states McKean.
A BCDR plan must also be well-documented, sensible, clear and concise in the way it’s been written. So that when there is a disaster, there’s a plan already laid out. “Where does the business need to focus its efforts? What are the things that teams need to do first? What is the exact process to restore the data and business to full functionality? – It needs to be very prescriptive,” emphasises McKean.
McKean adds that for a Disaster Recovery Plan to be effective, it needs to be tested at least twice a year in a realistic setting, as opposed to in a staged simulation with controlled variables. “What we’re trying to do is pressure test it to uncover room for improvement. We want to find all of the holes so that we plug them before they’re an issue in a real scenario.”
Ensuring that critical functions can continue
A good business continuity and disaster recovery plan means good decisions are made, mission-critical data is recovered quickly and the business gets back to full operational ability easily and smoothly. McKean says businesses can’t account for every unexpected event, but that isn’t the point of a BCDR plan.
“You need to have enough information in there that people can think outside the box. You need enough of the raw information and data at your disposal so the people who are going to be executing it can make sensible decisions on the fly,” he says.
These strategies outline the specific steps of your processes and procedures to ensure that mission-critical functions won’t be impacted.
Choosing a partner you can trust
In the last 12 months, cyber-attacks and data breaches ranked fourth in the top ten disruptions to business.
Updating and managing a business continuity and disaster recovery plan for these ever-changing cyber threats can be overwhelming and, sometimes, out of scope for some businesses.
Interactive is the largest premier business continuity provider in Australia and have been helping mitigate business downtime for the last 20 years. We have a team of experts, including an onsite cyber security and risk team, that can help you build, update and test your business continuity and disaster recovery plans to ensure you are always covered – no matter the situation.
