October is Cybersecurity Awareness Month, so now is the perfect time for you to think about – and prepare for – what to do when your business is hit by a cybercrime.
A recent survey of 1,400 CIOs revealed that over 30% of their companies were hit by a cyber breach in the past year. Cyberattacks, primarily from Russia and China, are on the rise, as are the ransoms attackers demand from businesses, municipalities and nonprofits (yes, they attack churches and other nonprofits). Unfortunately, while there are many precautions and processes you can put in place to make a cyberattack less likely, there is no way to completely guarantee you will avoid one.
Preparing your business for a ransomware attack is critical to surviving one, so it is vital to have a clearly defined action plan in place that leaves no question about how to respond.
- Create a task force. Meet with your management team and identify a task force that will oversee your response to an attack. This team should consist of representatives from the management team, public relations/marketing and, of course, information technology.
- Evaluate and purchase cyber insurance. Discuss what is covered (and what is not) with your insurance agent (usually E&O insurance carriers). Research what type of coverage others in your industry typically have and what options are available to your business. Talk to more than one provider and compare policies side by side to ensure you are getting the best one for your particular situation. If you work with an external MSP, have them review the policies you are considering and weigh in on which one is the best. Once you purchase your insurance, review the policy on an annual basis to make sure it is still providing enough coverage for your company as it grows.
- Establish an action plan. When an attack comes, important decisions must be made instantly. To avoid panic or overly reactionary decisions, you should have a written plan that covers what to do and who to contact. This is a situation where printing hard copies of your plan is important too, since you may not be able to access a computer file in the middle of a cyberattack. Put your printed plan in several key locations, such as in red 3-ring binders in the office and at home, and make sure everyone on your task force knows where it is located. Ask your insurance provider if they have a checklist you can use to get started on your plan, but update it with your company’s specific information too. Make sure the first page is a list of people to contact when an attack occurs, including your legal counsel, insurance agent and a cyber forensics team that can come in and determine the extent of the damage.
Keep in mind that ransomware attacks don’t just happen; they are perpetrated by criminals, and the networks and systems that are held hostage are a crime scene. Treat it as such and don’t destroy or remove any precious evidence that will help your team determine the best way to respond to such an attack.
If we can help you in any way, don’t hesitate to reach out.