Cybersecurity and ransomware are dominating the news. Even the CIA can’t keep its most sensitive data out of the hands of WikiLeaks. And while IT teams and security officers are consumed by this news, executive, compliance and legal teams are also paying attention due to the business-wide repercussions of an attack, from productivity and revenue losses to business process failures.
Your customers — regardless of size — can’t help but wonder: Are we prepared?
While each company will have its own specific needs around a security plan, at a high level there are steps organizations can take now to minimize risk, protect data from potential future attacks and be prepared to respond fast.
Have a Go Bag
Organizations of all sizes need to understand the challenges they could face immediately after an attack:
Challenge: Incomplete or inadequate response plans
There are many potential attack scenarios. Customers need to identify the ones most likely to affect them, whether ransomware, DDoS or loss of customer data. Only then can they put in place first-response plans, from technology, data and communication standpoints, for getting the business back up and running.
Challenge: Lack of funding to properly execute response and recovery
Even if customers know what they should do, they may not have the budget necessary to bounce back. The 2016 Ponemon Cost of a Breach study shows the average total cost per record breached is $158, but healthcare records are higher, at $355. Partners can help with a fiscal reality check. One way to prepare is to have cybersecurity insurance to help with notifications, first- and third-party damages, and lost income.
Challenge: Lack of a communications plan, both internally and externally
Organizations should formulate in advance a detailed plan to communicate swiftly with employees, partners and customers, including but not limited to notifications required by law.
Challenge: Inability to properly recover lost or damaged data
Malicious attackers can steal, update or delete data, hold it ransom or encrypt it. Organizations need to understand how they can get that information back to continue moving the business forward. It’s often a mix of isolated backups and having a bitcoin wallet ready.
Challenge: Cannot meet defined recovery-time and -point objectives
Organizations with defined RTO and RPO metrics in place must prepare across a variety of scenarios to get data back in the right format in the specified timeframe.
Once the immediate crisis has passed, customers need to evaluate their security postures using the “protect, detect, respond, recover” method:
Longer term, customers must follow these keys to success:
As customers become ready to go deeper, consider the guidance within the NIST Cybersecurity Framework, which was drafted by the Commerce Department’s National Institute of Standards and Technology. The framework is based on proven standards, guidelines and best practices to better manage and reduce risk, and foster communications among both internal and external stakeholders.
Editor’s Note: Ready to take the next step in helping customers secure their data? Join us at Channel Partners Conference and Expo for our security track, including Managed Security Services: The Next Opportunity and Assessing Customer Risk For Fun & Profit. See you in Vegas!
Jeff Erramouspe leads the Spanning team, not just in the ways you’d expect – such as developing strategy, budgeting, and recruiting – but also by enabling great people to do their best work. This means setting goals that inspire excellence while eliminating obstacles to success. Prior to being appointed CEO and president, Jeff was Spanning’s chief revenue officer. Before that, he was the president of Manticore Technology, which he led through three successive years of revenue growth in the highly competitive marketing automation market.