Plan Ahead for a Cyber Breach Now – Yes, NOW
First, Understand WHAT a Cyber Breach is
Basically, a Cyber Breach is any IT related event that could negatively impact your business. We still come across some businesses that claim they have “nothing of value” to lose which we find astonishing. The truth is that every business has many things of value to hackers, but the chances are that even if you made a list it would still be missing some important items you had overlooked.
Remember – a Cyber Breach is not just a technology crisis – it is a business crisis.
Train your employees to recognize these symptoms and to know what the reporting requirements and process is. Some of these symptoms may require urgent attention. User training should include instructions on what to do/not to do. IT may issue preemptive “Immediate Action” instructions for certain symptoms such as immediately pulling the power cord from the system (emergency shut down) or isolate from the network (yank network cable) to be carried out before calling to report the incident.
If you get infected with a Ransomware virus such as CryptoLocker, this needs to be your very highest priority response, since the time frame to recover your data with a decryption key (if you do not have backups in a safe haven) will be very limited – typically this may be measured in just a couple of hours.
Communication is Key – Develop a Communication Plan
A communication plan is essential. Even if you are dealing with a minor localized event, your employees still need to know who to communicate with and IT needs to have a formal response plan. In addition, IT needs to be absolutely sure that what appears to be minor and apparently contained is not part of a bigger problem, so there must be an all-staff alert list and employees need to recognize these alerts and give them immediate attention.
Key elements of a Communication Plan:
- All employees from the CEO down to the receptionist need to know who to contact to report an incident
- Always have an alternate IT contact in case the primary one is unavailable
- Communication methods should be (where possible) in person, phone, text, email in that order
- Never assume a voice mail has been heard, or a text or email has been read. ALWAYS rely on confirmation
- All employees must acknowledge that time is of the essence
- Develop a message map for various cyber events so you will have a consistent response
- All-staff alert emails must stand out from normal ones so they grab immediate attention
When in doubt, CALL YOUR IT DEPARTMENT
Always alert your IT department FIRST of a cyber breach. This ensures you have started at the correct spot in the chain of command.
Find out where your systems stand by contacting us or your Techni-Core engineer today! (256) 704-0234