By: Shimon Brathwaite
October 21, 2021
What Is Business Continuity Planning For Cyberattacks?
A Business Continuity Plan (BCP) is about finding ways to maintain important business operations during an emergency. This can be an earthquake, hurricane, cyberattack, or any other type of unexpected situation. In these types of situations, preparation is key. If you don't have a plan before the emergency happens, you'll likely make bad decisions because of the stress and urgency of the situation. A good BCP will cover several different scenarios and outline the steps you need to follow to ensure that a business remains operational. This article will focus on business continuity planning for cyberattacks and how you can ensure that your business remains operational during a cyberattack. First, let's look at some of the most common types of cyberattacks that result in a business outage:
Business Disruption due to a cyberattack
Distributed Denial of Service (DDoS): A DDoS attack is when someone tries to make your machine slower to respond by continuously sending traffic to that machine from multiple sources (a botnet). This overwhelms the target and makes it unable to respond to legitimate user requests. A common target of this is your company's website or web application, which will make it impossible for clients to access your company's products. One prominent example of this is Sony's PlayStation network; hackers could bring down that network for months by using a DDoS attack.
Ransomware: Ransomware is a type of malware that encrypts all of the files on a company's network so that they can't be read or accessed. Then the attacker demands that the company pay them a ransom to get their information back. For the duration that the ransomware is on the company's network and the files are encrypted, the company's business operations will be halted.
These are the two main ways that a company's business operations are halted, but there are several ways that a company can get malware on their network, and once that happens, any IT asset can be compromised. The main targets that need to be protected are the company's email system, web servers, intranet, and databases. If any of these components are compromised, then communication or the ability to access information will be stopped, resulting in a loss of business.
Tips for Business Continuity for a Cyberattack
Redundancy in IT architecture: This means you need to have backups of critical systems. For example, you should have multiple web servers capable of hosting your website so that if one web server is being hit with a DDoS attack, then it's simply a matter of switching to a different web server. The same can be said for your company's critical infrastructure; you should have built-in redundancy so that you don't have a single point of failure.
Have backups that you can restore from: One of the best ways to ensure your business can survive a cyberattack is having high-quality data backups. By high quality, I simply mean that these backups are done frequently enough to cover almost all of the information that the company has collected up until the cyberattack happens. For example, if you have weekly data backups, the most information you can lose because of a ransomware attack is seven days' worth of information. The second aspect of this is that you want to make sure that you have tested these backups and are confident that you can restore data from them. Some people make the mistake of having backups done but never practicing restoring the company from those backups. If you fail to practice this, then when a disaster happens you may not be able to recover, making these backups practically useless. Lastly, make sure that your backups are stored separately from your company network and preferably offsite. This way, if a disaster hits your network or your company's physical location, your backups won't be damaged or lost.
Train your employees: All employees involved in the business continuity process should be trained on exactly what is expected during a cyberattack. This includes having someone that will determine when something is considered an "emergency," who is responsible for gathering all of the teams together, who is responsible for communicating to internal and external stakeholders, etc. Not only should employees be trained on this, but you should do different levels of simulations with these employees so that they can get practical experience performing these actions. Simulations are typically the best way to make sure your employees are ready for the real situation.
Invest in security software: The best thing you can do to ensure business continuity is to prevent these situations. The best way to do that is to invest in good security software. You can buy DDoS protection software and anti-malware software. This would significantly reduce the possibility of successful cyberattacks against your company. If you use a cloud provider, like AWS, to host your web applications, they have dedicated DDoS protection software and a DDoS helpline that you can call to get assistance if your application is being attacked. Make sure you're aware of all of these resources based on the platform(s) that you use.
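The "Have backups that you can restore from" tip above can be turned into a scheduled restore drill. The following is an added example, not code from the article: it checks that the newest backup is no older than the weekly window the article uses, restores it into a scratch directory, and compares every file against the SHA-256 manifest recorded at backup time. The function names, the tar.gz format and the sample file are assumptions made for illustration.

```python
import hashlib
import tarfile
import tempfile
import time
from pathlib import Path

MAX_AGE_DAYS = 7  # the article's weekly-backup example; tighten to match your schedule

def manifest(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def make_backup(src, archive):
    """Write a gzip tar of src and return the manifest recorded at backup time."""
    src = Path(src)
    with tarfile.open(archive, "w:gz") as tar:
        for p in sorted(src.rglob("*")):
            if p.is_file():
                tar.add(p, arcname=p.relative_to(src).as_posix())
    return manifest(src)

def restore_drill(archive, expected, now=None):
    """Restore into a scratch directory; return a list of problems (empty = pass)."""
    problems = []
    age = ((now or time.time()) - Path(archive).stat().st_mtime) / 86400
    if age > MAX_AGE_DAYS:
        problems.append(f"backup is {age:.1f} days old, limit is {MAX_AGE_DAYS}")
    with tempfile.TemporaryDirectory() as scratch:
        try:
            with tarfile.open(archive) as tar:
                # Safe extraction filter, where this Python version provides it.
                extra = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
                tar.extractall(scratch, **extra)
        except (tarfile.TarError, OSError, EOFError) as exc:
            return problems + [f"restore failed: {exc}"]
        restored = manifest(scratch)
    for name, digest in expected.items():
        if name not in restored:
            problems.append(f"missing after restore: {name}")
        elif restored[name] != digest:
            problems.append(f"content differs after restore: {name}")
    return problems

if __name__ == "__main__":  # constructed sample data, not real business records
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as out:
        (Path(src) / "orders.csv").write_text("id,total\n1,9.99\n")
        expected = make_backup(src, Path(out) / "backup.tgz")
        print(restore_drill(Path(out) / "backup.tgz", expected) or "restore drill passed")
```

Keep the recorded manifest somewhere the backup job cannot overwrite, so a damaged or tampered archive cannot also rewrite the values it is checked against.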
Business Continuity planning is all about finding ways to ensure that a company will remain operational during a disaster, in this case, during a cyberattack. The primary cyberattacks that will cause prolonged business disruption are DDoS attacks or ransomware attacks. Fortunately, both of these attacks have several security software solutions that can prevent or at least mitigate the damage that these attacks cause. In addition to investing in these solutions, companies should ensure that they have redundancy built into their network architecture so that a single failure of any system doesn't cripple the entire company. Next, you should make sure that you have good reliable backups. This means backups that are done regularly and backups that you are confident that you can use to restore the company in case of emergency. Lastly, be sure to train your employees and test them through organized simulations so that they know what is expected of them in case of a cyberattack. If you implement all of these steps and good overall cybersecurity operations, you will be well prepared in the event of a cyberattack.