Contrary to what many SMBs believe, no business is too small to become a target of hackers. In fact, the number of cyberattacks against small businesses grew by 424% in 2018 alone.
What makes that statistic truly depressing is that the percentage of companies surviving a cyber security attack stands at just 40% today. That means 60% of companies go out of business within 6 months of a security breach.
The bottom line is, cyber attacks are inevitable and most businesses cannot survive them. What separates the two groups is how they prepare for a digital disaster. After all, failing to plan is the same as planning to fail.
To help you join the ranks of businesses that bounce back from a breach with minimal damage, we have put together a list of critical steps for creating your own cyber attack recovery plan below.
1. Backup All Your Digital Assets
The only thing worse than having your data compromised is losing access to it altogether. Unfortunately, this is the prime method for many digital attacks, from ransomware to destructive wipeouts.
The single most important thing you can do right now is to put a proper backup solution in place for all your digital assets. This includes your internal network, external web servers, workstations, and all other devices. And, just as important as a robust backup is a backup with a suitable recovery time. If you have to recovery your data after an attack, you want to do so as quickly as possible to avoid down time for your business.
Any professional backup solution will let you schedule automatic backups at regular intervals of your choice. We recommend a daily schedule for most businesses. If that’s not feasible based on your organization’s data usage, we recommend backing up once a week at a minimum.
2. Invest in Data Redundancy
What’s better than a backup of all your important data? Creating backups of your backups so you won’t have a single point of failure in case of a disaster.
Cyberattacks are not the only source of digital disasters. Hard drive failures, circuit burnouts, and natural disasters are just a handful of other examples.
As such, the best backup plan is to keep backups in multiple places, including local and cloud storage solutions.
Furthermore, we recommend taking a page from the world of software engineers and implement version control. What this means is that instead of removing all your previous backups, you keep a copy of each day for the trailing two weeks or more.
As ransomware and other virus attacks can go unnoticed for days, it can sometimes become impossible to recover your data by the time they are detected. But when you have backups with version control, you can roll back to a version that’s free of any viruses—making the recovery process smooth and snappy.
3. Have a Response Plan
When and how will you notify your customers about a data breach? What do your state’s laws have to say about it? Who will you call to help you eliminate threats, recover data, and restore your systems?
These are the kind of questions you need to answer in a calm state of mind – and sooner rather than later.
When disaster strikes, emotions always run wild and clear thinking becomes impossible. So figuring these thorny details out in advance is a crucial part of any disaster recovery plan.
4. Invest in Cyber Insurance
Every year we hear stories of multi-billion dollar corporations falling victim to data breaches. If entire departments dedicated to cybersecurity cannot stop 100% of cyber attacks, it’s safe to say that data breaches are never outside the realm of possibility.
With that in mind, investing in cyber insurance is one of the smartest decisions any business can make. Mitigating that risk with a solid insurance policy is a small price to pay for the peace of mind that comes with it.
Driving The Point Home
According to a recent report, the average cost for companies to recover from a ransomware attack has MORE THAN DOUBLED over the last year.
Researchers determined the average ransomware recovery costs have risen from $761,106 in 2020 to $1.85 million in 2021.
In Sophos’ State of Ransomware Report 2021, researchers determined the average ransomware recovery costs has risen from $761,106 in 2020 to $1.85 million in 2021. These costs are comprised of the ransom, downtime, people time, device cost, network cost, lost opportunity, and other associated financial loss.
The average ransom paid was $170,404 in 2021. The highest ransomware payment of those surveyed was $3.2 million and the most common payment was $10,000. Research yielded that 10 organizations paid ransoms of $1 million or more.
And, guess what? Of those companies surveyed around the world, a small 8% received all their data back after paying the ransom. In fact, hackers reinstated only 65% of the encrypted data after receiving the ransom payment.
The number of organizations that paid the ransom increased from 26% in 2020 to 32% in 2021.
Proactively anticipating disaster scenarios and creating a plan of action can help a business weather the most raging storms out there. Do you have questions about what cyber security solutions are appropriate for your business? We have a team of highly knowledgeable security experts that can assist you.
Schedule a 10-minute consultation with one of our Senior IT Consultants, email us at firstname.lastname@example.org or contact us. We will be happy to answer any questions you have or make recommendations on a plan for your business.