4 steps to business continuity in a world of increasing cyber crime

We’ve covered a lot of on our blog about the scale of today’s cyber security threats, and the damage they can do to the businesses who suffer a breach. This is because the attacks are getting more sophisticated, and hackers are targeting more and more businesses, particularly in the SMB space.  A report by Symantec found that 3 out of 5 cyber attacks now target small businesses.

Possibly the most high profile type of attack (and the most prolific) is ransomware, such as Cryptolocker. This is literally holding businesses to ransom, demanding payment to release encrypted data. One of the most recent versions, known as Jigsaw, actually deletes files on an hourly basis until the 72 hour mark, when all remaining files are removed.

According to some reports, the cost of recreating lost data is upwards of £10K for 20MB, and much more for engineering and medical data. And that’s before you take into account the immeasurable damage to reputation, penalties for non-compliance, and the fact that your competitors may immediately pounce on your customers.

So the question is, why does this keep happening?

In the modern world of high availability and instant gratification, few businesses can afford to be brought to a standstill. The problem lies in the fact that most businesses haven’t fully considered their recovery time and recovery point objectives. Which means the fallout from an attack is often far worse than it has to be, and many attacks can actually be prevented before they take hold.

So, what action can be taken to mitigate the risks, dodge the bullets and keep everything running smoothly, as those who fail to act are taken down around them?

Eliminating the potential nightmares completely is a challenge, but these four steps might just mean fewer sleepless nights:

  1. To begin with, it’s essential that you attempt to quantify the financial and reputational impact of an attack and the resulting downtime or data loss. Only then will you fully understand the value of investing in measures to protect your business.
  2. Secondly, people are undoubtedly a weak link when it comes to security, so it’s critical to educate them about remaining vigilant to the threats and techniques employed by cyber criminals. Is that email requesting an immediate payment to a new supplier really from the MD?
  3. Thirdly, deploy technologies that monitor your IT environment from the network to the endpoint and protect your business from the widest range of attacks. Sophos Heartbeat synchronised security has been described by independent experts as a significant innovation that can raise security performance standards for medium-sized organisations.
  4. Finally, ensure your data is backed up and you have a robust Disaster Recovery plan. Datto is a ground-breaking solution that allows you to roll back to a point before the data corruption, or loss, and be up and running again almost instantly.

That’s really just the starting point, and this should all be part of a broader disaster recovery plan which doesn’t simply sit in the drawer but is tested on a regular basis.

In fact, according to Aberdeen Group businesses that lead the way in disaster recovery and business continuity are five times less likely to experience downtime or business interruptions.

If you’d like to see the benefits of Sophos Heartbeat and Datto in action, they form an important part of our futuretech conference in London on the 23rd June. It’s free to attend and we are almost at capacity so the best thing to do is book online here without delay!