Three people in a business meeting using a laptop

How to include cyberattack risks in your business recovery plan

Cyber threats are increasing daily and have pushed companies, large and small, into planning for these incidents. Now is the time to include cyberattacks into your Business Recovery and Disaster Recovery Plans.

What connection points can be attacked?

  • Incoming public and private network connections including routers, switches and firewalls can be infiltrated
  • Equipment that supports the IT environment like servers, storage and printers
  • Operation programming components that make the IT equipment work including operating systems, subsystems and applications
  • Even the phone and process control systems that support the facility equipment and machinery

What should you include in your recovery plan?

A person working on a cyber risk recovery plan at the office

Identify the threat

This can be a daunting task, since it may not be obvious that the operational impact or the physical damage was caused by a cyberattack. If the attack was for ransom purposes, it will most likely be communicated. However, if it was due to malicious intent or for publicity, there may be no communication at all.


React to the attack

The person identifying the problem must know who to contact and what immediate actions should be performed. The first actions taken could stop the damage or make it much worse.


Stabilize the Operation

The full extent of the damage needs to be assessed and the plan needs to be executed to:
 

  • Stop the failing equipment or process
  • Isolate the problem areas
  • Decide what parts of the business can continue
  • Develop alternate work schedules
  • Make arrangements for support groups and forensic services


Mitigate the damages

See what can be reclaimed and determine if the operation can run in degraded mode, manual mode, or at the disaster site.


Recover the operation

The recovery effort will be directly proportionate to the amount of damage that was incurred. This includes both physical damage to equipment and the impact on the business in terms of lost revenue, damaged goods, perishable goods, penalties, and fines.


Prevent reoccurrence

Your Disaster Preparedness Plan needs to be updated with processes and procedures to prevent a similar occurrence from happening again.

To learn more about HSB’s Cyber solutions check them out here:

This article is for informational purposes only and is not intended to convey or constitute legal advice. HSB makes no warranties or representations as to the accuracy or completeness of the content herein. Under no circumstances shall HSB or any party involved in creating or delivering this article be liable to you for any loss or damage that results from the use of the information contained herein. Except as otherwise expressly permitted by HSB in writing, no portion of this article may be reproduced, copied, or distributed in any way. This article does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable insurance form. Posted on April 11, 2022