Weekly Security Update with your Cybercrafters: How long could your business continue when your systems fail?

Imagine the following scenario:

It’s a Thursday evening and you are getting ready to go out to a family dinner. You get a phone call from Tom, your night shift manager. He explains that all production has stopped in the factory, due to a computer glitch. You call your IT manager, explain the phone call, and ask him to investigate. He calls back, explaining that all systems are down, and he rushes to go and investigate. A short while later he calls and confirms your worst fears, your IT systems have been hacked, and you are experiencing a Ransomware attack!

So, what do you do? Do you pay the ransom in the hope that you can get back up and running? Or do you decide to close everything down, find the bugs, and restore the systems, without paying?

What factors do you consider in making this decision? Let’s look at some of the realities you need to face when you are in this predicament:

• How long will your business survive not being able to produce anything?
• How long can you afford to have your staff standing around, idle, or even waiting at home?
• Do you have supply agreements that need to be met?
• If so, how long are your clients going to tolerate no supply?
• Do you store client and staff sensitive information?
• What plans are in place to keep business operations running after an incident occurs?
• How will your clients and staff feel about their personal information being shared on the dark web?
• Do you know which systems store what personal information?
• Do you understand where your data is stored?
• Do you supply products or services to Australia, Europe, the UK, or the USA? Will you be liable under these countries' privacy laws & regulations?
• How much is all of this going to be costing you on an hourly, daily, weekly and monthly basis before you have to consider having to shut down the company?

Then of course you have the reputational damage to consider.

There are many businesses, organisations, and even industries that simply cannot afford to have a disruption like this. Communication is essential to take place with responding to an incident, where all staff is on the same page so that the incident effects are reduced. Getting the business operations to continue to operate as normally as possible and having all customers alerted in a timely manner will be crucial for your business to succeed. So, what do they do? What do you do? You start by putting plans in place. A Business Continuity Plan, an Incident Management plan. Have you tested your last incident management plan or business continuity plan? Are you sure it is robust? Not sure if it's got all that you need to be covered, have a chat with us and we can see where the gaps are.