PLAN4CONTINUITY PLAN OF THE WEEK: Cybersecurity and ransomware attack


This week's featured Plan4Continuity plan template focuses on cybersecurity, specifically when falling victim to a ransomware attack. We link the plan to real-life examples and explain  how it addresses such examples.

If you consider some of the highlights of the last week, it is clear that cybercrime incidents such as ransomware attacks are business as usual.

1.   Speed of actions can make the difference

2.   Set up your Plan4Continuity Ransomware attack plan

3.   Activate your Plan4Continuity Ransomware attack plan

There are many different types of threats that can wreak havoc on an organization's IT systems. In this post, we are focusing on a ransomware attack which may have been initiated from several routes into the network.

1.   Speed of actions can make the difference 

During a Ransomware attack speed of actions is critical since the ransomware software is trying to encrypt as much as possible, both on the first computer infected and all others connected to it. Additionally, with businesses increasingly working from home, the increase in remote working platforms and endpoints, ransomware attacks have, unsurprising, increased since the COVID-19 breakout.

2.   Set up your Plan4Continuity Ransomware attack plan   

When setting up your ransomware attack plan, first set up the most important elements of continuity planning namely: your people (plan manager, plan activators, other stakeholders that should be notified in the event of an attack, and so forth); assets; services; locations; and vendors/suppliers/customers.

3.   Activate your Plan4Continuity Ransomware attack plan        

In the event of a ransomware attack, active your plan and follow the following steps: (i) Isolate the infected computers and devices immediately and (ii) broadcast notice to your people, “we have been attacked by ransomware, disconnect devices from network-Wi-Fi immediately. Await instructions”. Thereafter, (iii) determine the infection type and the extent of the infection and attempt to (iv) restore encrypted data and bring machines back into service. Finally, (v) conduct a full Cyber Security review
and (vi) obtain sign-off for this ransomware attack from the authorized signatory.

The best way to fight off a ransomware attack is to not let it happen in the first place. This means having controls and security in place to prevent an attack. Not only will our Ransomware Attack plan guide you through what to do when one does occur, but our Cyber Security - Quarterly review will ensure that you stay ahead and prevent attacks from happening at all. Each of our plans must be reviewed to adjust it to your specific organization and needs and can be edited as needed before being finalized.

You might also be interested to read:

Judgment Day – MSP Targeted Ransomware Attacks Threaten Industry Credibility

Meeting the emerging threat: Streamline business continuity to protect against ransomware

This is not a drill: Business Process Automation when hit by a data breach