Recovering from a cybersecurity incident can be a daunting undertaking, especially if you’ve lost information that’s critical to running your business. But you can limit the damage to your company and your reputation by developing a solid recovery plan in advance.
Conduct a full, encrypted backup of your data on each computer and mobile device at least once a month, shortly after a complete malware scan. Store these backups at a protected, off-site location. Save your encryption password or key in a secure location separate from where your backups are stored. Many software applications will allow you to encrypt your backups. With your backups in place, if a computer breaks, an employee makes a mistake, or a malicious program infects your system, you’ll be able to restore your data. Without backups, you’ll have to manually recreate your business information from paper records and employee memory.
It’s essential to back up data such as:
- Word processing documents and electronic spreadsheets
- Databases, especially customer relationship management (CRM), financial, human resource (HR), and accounts receivable (AR)/payable (AP) files
- Product design and manufacturing data
- Other operational technology (OT) data such as machine and process condition monitoring and analysis
- System logs and other information technology (IT) information
Don’t worry about the software applications; just focus on the data. Store your backups on an external USB hard drive, other removable media, or a separate server. Use caution when selecting a partner if you decide to store your data online and encrypt all data prior to storing it in the cloud.
Hard-drive backups should be large enough to hold all your monthly backups for one year. Create separate folders for each computer so you can copy your data into the appropriate folder on the external drive. After your backups are complete, test them immediately to ensure your efforts were successful.
Like flood or fire insurance, you can purchase cyber insurance for your facility. These services can help you recover from an information security incident more quickly and effectively and may cover the cost of:
- Cybersecurity expertise to assist in identifying the extent of damage caused
- Consultation to help investigate the incident and report it to the appropriate authorities
- Loss of revenue due to downtime
- Legal fees, fines, and penalties incurred
The Reschini Group can help you navigate the ever changing world of cybersecurity. Contact us today to discuss your situation.
Copyright 2020 The Reschini Group
The Reschini Group provides these updates for information only, and does not provide legal advice. To make decisions regarding insurance matters, please consult directly with a licensed insurance professional or firm.
Excerpted from: https://www.nist.gov/blogs/manufacturing-innovation-blog/how-recover-cyber-attack