Don't Rinse, Rewind and Repeat...!
Posted on 11th May 2017 at 11:44
It may be time to reset and start afresh...!
No one can dispute that the threats and attacks from Cyber Crime are continuing to grow, however without even knowing we may be helping to perpetuate these threats by actually trying to do the right thing...!
When any issue occurs our human nature will always want to get everything back to the normal status quo as soon as possible, in most circumstances there is nothing wrong with this :-
A car accident
A house fire
As humans we have a compulsion to fix things and get back to normal as soon as possible, as predominantly any change make us feel nervous.
Should you suffer a Cyber Attack putting things back to the way they were is actually not the most appropriate thing to do...!
Rinse, Rewind and Repeat
Consider for one moment, the attack occurred for two reasons :-
Something was missing from our Cyber Protection.
Someone did something to go around our Cyber Protection.
Our normal recovery process would be:-
Rinse - Clean up the issue, restore from backups, rebuild etc.
Rewind - Put everything back to the way it was before the attack.
Repeat - Continue to do our normal day to day business.
In simple terms we have put everything back to way it was before the attack, we haven't discovered why it happened and implemented any change to stop the event occurring in the future, it is sadly therefore a matter of time before a similar attack may happen again with similar financial and time costs.
Should we be the victim of a Cyber Attack, we need to understand
What the attack was.
Why something in our current environment has made us vulnerable.
As businesses we may have IT companies who provide our protection services, best practice after an attack would be independently review our current environment and how it has been protected to avoid any confusion.
In order to have our business operational our recovery process should as a minimum:-
Understand why we were hit - find the root cause.
independently evaluate our current protection strategy.
Implement change to mitigate future issues.
Train our personnel.
Review regularly and update.
It is very important to stress that the above process is an overview of our complete process, the process would be tailored to your business to allow you to avoid the Rinse, Rewind and Repeat.
Tagged as: Avoid Cyber Criminals, Cyber Protection, Cyber Recovery Plan, GDPR, Protect your Business, Stay safe online
Share this post: