Security, Part 11: Develop an IT recovery plan…or else

July 26, 2017

Group of Corporate People having a Meeting about Online Protection from Virus

Here’s a crazy stat for you, courtesy of the Ponemon Institute: 90% of organizations that lose data due to a cyberattack wind up closing their doors in the following two years. We’ve spent a lot of time covering the various cyber threats your facility faces, now we want to offer tips on how to best recover should you fall victim.


As with preparing for any emergency, you need a plan—a well-tested plan. After all, the quicker you can recover from an attack, the less damage such an attack is likely to inflict. Your plan should include an inventory of hardware (including wireless devices), software applications, and data. Make sure all critical information is backed up. Constant back up is essential to any recovery plan. You need to back up frequently enough so that if you do lose data it does not spell the end of your business.


According to, “Identify critical software applications and data and the hardware required to run them. Using standardized hardware will help to replicate and reimage new hardware. Ensure that copies of program software are available to enable re-installation on replacement equipment. Prioritize hardware and software restoration.”


Your IT disaster recovery plan should be developed as part of your business continuity plan.


When developing your plan, you need to figure out the steps required to identify and triage any threats you may face. When thinking through the possible incidents and scenarios, read the news to see which real-life threats have affected other businesses. Discuss how you should best approach such threats.


Figure out who needs to be mobilized to handle all of the security, privacy, and legal implications should such an attack occur.


How will you recover from a phishing attack or a severe data leak? Once you successfully remove the hackers from your system, what will you do? Play out each possible incident, figure out a realistic response, and write your plan accordingly.


Know who to contact (government agencies, external legal counsel, digital forensics firms) should such an attack become a reality.


The next step, once your plan has been written and approved, is to communicate all the roles and responsibilities to all relevant parties. Remember, many times a threat is discovered by people outside the IT department, so make sure this circle of communication is wide.


Training is next. Walk a group of diverse employees from different departments through a cyber threat scenario. Provide feedback afterwards on how well the participants did. Train a new set of employees next. Training should be ongoing, especially as new threats emerge.


Finally, consider getting cybersecurity liability insurance. It’s a real thing and it could save your bacon.


The question isn’t “if” you’ll become a target, but “when.” Having a well-thought and practiced plan in place can mean the difference between your company surviving the attack or falling apart.


For more help on beefing up your cyber security, contact Vanguard Resources.