Maksim Kabakou - Fotolia
Security Think Tank: BC/DR plan key to cyber attack survival
How should businesses plan to survive a potential cyber attack extinction event?
The world is full of dangers and some of the most deadly are those that we ourselves unwittingly encourage or allow. An example of this is believing that someone else has your back, such as your IT or internet supplier.
We need to accept that despite the cyber security initiatives that we trust our IT suppliers have taken, it is entirely possible for a cyber attack to cripple the company’s IT. So what can a company do to enable recovery from such a devastating attack?
The key is for there to be a comprehensive, documented, maintained up to date and regularly tested business continuity and disaster recovery (BC/DR) plan that is supported by BC/DR team.
This team should, ideally, be drawn from across the company, and its members and their contact details made known to the general company. Each team member should have a copy of the plan and additional copies held by key departments (IT, accounts and so on). A copy should also be held in a safe location, such as a bank vault.
A BC/DR plan needs to recognise the importance of company data and that the data needs regular backing up on a schedule that reflects its importance and volatility (such as from real-time to hourly, daily). The plan also needs to address the systems and applications that run the businesses, and ensure they are backed up. And if that backup of data and systems is online, the BC/DR plan needs to recognise that the cyber security measures in place might not be sufficient to protect it.
Irrespective of whether there is an on-line backup in place, you will need a secure off-line backup which, ideally, should be off-site to protect against environmental issues affecting the main site. The plan needs to address the issue of data input and output during a BC/DR scenario because there is no point in running a DR IT system that continues to issue Bacs payments if there is no way to input data and output invoices.
The plan must address the issue of being able to bring up the IT system at another facility and with new internet connection(s). This will require formal agreements with various suppliers to ensure suitable facilities can be provided and backups can be restored. The plan also needs to address intra-company communication and external communication with suppliers, customers and the public.
For the small business community, while what I have described might look onerous, some careful thought into the “how” will pay dividends.
Read more from Computer Weekly’s Security Think Tank about how to survive a cyber attack that could potentially destroy a business
For example, say the company IT is essentially a number of PCs, each running its own set of office applications, but with a local area network (LAN) to provide internet access and, typically, email. The daily backup solution could be USB devices for each PC, for example a memory stick (currently available in capacities of to 512GB) or an external hard drive (available in capacities of up to 10TB).
But remember to disconnect when not in use to protect stored information. An external DVD/Blu-Ray read/writer could be a shared resource and would be good for those monthly off-site backups. Capacities of up to 128GB are available.
Disaster recovery will be eased by using standard, off-the-shelf, office software that is in current manufacturers’ support and by maintaining all PC software up to date.
In addition to a comprehensive BC/DR plan, a company needs to have well-maintained, comprehensive records of all its assets, both IT and data, including network design and licensing.
It also needs to document where it can go for specialist support because this could be vital in the event of a disruptive cyber attack. Don’t forget the contracts with your various IT/network suppliers in terms of what they say about cyber security.
Remember that while you can outsource the provision and management of security, you cannot outsource your responsibility. You need to be able to articulate your security needs.