The ransomware attack against meat supplier JBS has underscored one simple truth: no industry is immune. Every organization needs to plan now to ensure continuity of operations in the wake of a cyber event. No time for cud chewing, let’s get cracking:
- Quantify your most sensitive assets and critical points of failure. Where are the bottlenecks that will have the worst repercussions in the event of a breach? In JBS’ case, it is likely the company’s supply chain. Customer lists probably not so much. Each organization is unique.
- Understand your threats vs. risks. These two concepts are often confused.
- Threats are the malevolent actors seeking to do harm. Who are the most likely threats to your organization and what capabilities do they have? These may be largely unknown, which leads us to risk.
- Risk is the likelihood that something bad will happen. Categorizing risks as high, medium or low will help you sort out where you need to concentrate your efforts.
- Make a plan. What exactly will you do in the event of system failure? Who will be responsible for orchestrating your organization’s response to a cyber event -- is it the CIO, CISO, Security, Operations? Make sure everyone knows his/her role should the worst happen.
- Test your plan through regular tabletop exercises. Turning a plan into shelfware does no good. A well-executed but mediocre plan always beats an excellent plan that is never carried out.
- Back up your digital assets. Regularly. As the story goes, after international shipping conglomerate Maersk suffered a catastrophic breach, employees flew in from across the world, each carrying some of the necessary data and equipment to restore Maersk’s systems. This was lucky. Don’t rely on luck.
With a road-tested continuity of operations plan in place, you will be better protected when cyber disaster strikes – regardless of the source.