Why You Need a Cybersecurity Business Continuity Plan Right Now
While you hope you never need it, a business continuity plan is essential to keep your business running in the face of critical events. Whether that is a single office being offline due to a natural disaster, or our current global pandemic that has ground the world to a halt, the last thing you want to do in the middle of a crisis is to begin preparing a plan.
Because so much of the way we conduct business today involves technology, the CIO plays one of the most important roles in business continuity planning. Using COVID-19 as an example, many businesses had to figure out how to convert from an office-based workforce to a 100 percent remote workforce practically overnight, while also shifting their digital channels, products, and operations into overdrive.
A Rise in Coronavirus-Themed Attacks
Imagine how difficulty it would be to manage your COVID-19 response while also responding to a major cyberattack. With employees relying on ad-hoc digital tools, processes, and personal devices to work from home, the reality is that your business is exposed to hackers.
Attackers already leverage COVID-19 as a part of their social engineering attacks. According to Europe's law enforcement agency Europol, cybercriminals now use coronavirus-themed phishing attacks and targeted business email compromise attacks to steal passwords, get bank account information, and distribute and execute malware and ransomware attacks. As more employees work from home, cybercriminals can exploit a larger attack surface that is more lightly defended than that of the corporate network.
The Role of a Cybersecurity Business Continuity Plan
Because an attack like ransomware can seize up the systems you need to run your business, a cybersecurity business continuity plan is crucial for your business to recover quickly. Such plans help you prepare for the day a cyberattack launches, so you can preserve access to data and systems, reduce losses, and get back to work faster.
There are a number of cybersecurity risk-based frameworks you can use to design, measure, and monitor processes, such as the NIST Cybersecurity Framework, SANS CIS Critical Controls, and ISF Standard of Good Practice. Each of these frameworks includes a structure for creating a response plan, recovery plan, and associated business continuity arrangements.
All cybersecurity business continuity plans should include these four elements:
- Identify critical assets and functions.
- Encrypt sensitive data in transit and in storage to protect it in case of theft.
- Test your plan and response to ensure plan effectiveness.
- Train other business stakeholders in their responsibilities during a cyberattack.
Is Your Plan Prepared for a Pandemic?
Even if you already have a cybersecurity business continuity plan, you likely need to update it on the fly now to accommodate the rapid changes in your business environment. CIOs should also consider how they will approach their cybersecurity response when their workforce and their IT team are all remote during the COVID-19 health crisis.
As part of your extra due diligence:
- Review use cases of employees working remotely, including the systems, data, and software they need to access.
- Consider the hardware employees use (company-issued or personal devices), the networks employees access, and how to ensure endpoint security to allow secure sign-on to corporate systems.
- Train newly remote employees on how to safely access the network.
- Provide additional training for employees to help them identify and avoid social engineering attacks taking advantage of COVID-19.
- Scale and secure technologies for videoconferencing, messaging, and collaboration.
Boost and Accelerate Your Response to Cybersecurity Attacks
In the event of a cybersecurity attack, the level of your cybersecurity expertise and the speed of your response are the two critical factors that determine how much damage is done to your business. A cybersecurity business continuity plan provides the playbook you need to react immediately, saving you crucial days, hours, and minutes.
In addition, a security operations center (SOC)-a-a-service like Arctic Wolf’s can help you stay prepared and respond faster with 24x7 monitoring of systems and devices, advanced threat detection and response, proactive endpoint security measures, and a team of dedicated security experts who help you contain and respond promptly in the event of a cyberattack.
The key to overcoming any disaster is to be prepared. As we all adjust to new work dynamics that COVID-19 has forced upon us, now is the time to create or update your cybersecurity business continuity plan to prepare for a cyberattack. Hopefully, you'll never need it— but you'll be happy to have it if and when you do.