How to Prepare for a Cyberattack with Disaster Recovery
Did you know a recent study found that nearly half of all cyberattacks target businesses with less than 250 employees, and that it’s been reported that 60% of small businesses close within six months of a cyberattack? Whether large or small, every organization should be developing and updating an information technology disaster recovery plan.
A disaster recovery plan is an essential component of business continuity planning and can help minimize downtime in the event your IT system, and the essential data it contains, is compromised. The primary goal is to resume normal operations as quickly as possible to minimize financial and reputation damage to your organization.
Remember: Backups and Disaster Recovery are not the Same Thing
While a disaster recovery plan should certainly focus on cybersecurity, it’s important to consider that essential IT infrastructure could be damaged by other causes, such as equipment failure, human error, or natural disaster.
Perhaps the nature of these other scenarios are why businesses often assume that basic backup solutions such as cloud services or redundant on-site storage will be sufficient. However, services like Google Drive and Office 365 are often the target of ransomware attacks, and physical backups are often easily discovered and affected once a network has been breached.
Take Stock of Essential Systems
A Disaster Recovery Plan goes beyond backing up files, and involves taking an inventory of critical hardware, software, and connectivity systems that your business relies on.
In addition to data recovery, an IT DRP should incorporate strategies that address how your organization will cope with the loss of one of more of the following IT system components:
- Physical locations and rooms (climate controlled, back-up power supplies, etc)
- Hardware (networks, servers, desktops & laptops, mobile devices, peripherals such as printers, item scanners, point of sale terminals)
- Connectivity to a service provider
- Essential software applications
Determine How Much Downtime You Can Tolerate
Most businesses today rely on high availability – that is, systems and components that are continuously operational with almost no downtime. If your system is compromised by a cyberattack, there are two important measurements that will influence your disaster recovery plan: your Recovery Point Objective (RPO), and your Recovery Time Objective (RTO).
RPO refers to the maximum age of the files that must be recovered to resume normal operations – this number determines the minimum frequency of backups and is often measured in hours. For example, if an organization settles on an RPO of 6 hours, the system must back up every four hours.
RTO refers to the maximum amount of time an organization has to recover files and return to normal operations,
The tighter the RPO and RTO windows, the more resources will be required to meet these targets. They are important figures that will guide administrators in selecting the optimal strategies, procedures and technologies to aid in disaster recovery.
A Disaster Recovery Plan is Worthless Without Testing
If your plan has any blind spots or vulnerabilities, the it’s best to discover them before disaster strikes. Regular testing not only provides you with the opportunity to ensure your recovery plan is solid; it also provides the opportunity to maintain and update the plan, creates training opportunities for staff, and creates awareness about disaster recovery procedures within your organization.
If you’re unsure on how to develop a disaster recovery plan that will meet your needs, or need help updating and testing your current strategy, we can help! The team here at Discovernet has spent over 20 years providing audits and assessments for organizations of all sizes.
If you would like to learn more about the managed security solutions we offer, contact us and let us know what you are looking for!
