Posted in Security

How does a small business recover from a cyber security incident?

The mantra of cyber security experts is that you shouldn’t make plans thinking if you are hacked, but plan for recovery when you are hacked. Sure, according to studies and statistics it is practically inevitable that especially small organizations easily become victims of cybercrime. Consultancy company Accenture has estimated that one third of cyber attacks are aimed at small organizations. Only 14% of them have the means to survive a breach. Fortunately, an effective defense technique is not that difficult or expensive to adopt.

MIT (Massachusetts Institute of Technology) and OVHcloud (a cloud service and hosting provider) explored the risks of cyber attacks from the perspective of a small and midsize organization in a report called A new age of disaster recovery planning for SMEs. Let’s take a look at the key lessons small organizations and home users can take away from the report.

  • Most small and midsize enterprises become cyber crime victims because of human error. Other studies specifically mention social engineering and phishing as the most effective methods that criminals use to break into computer systems.
  • At the end of 2021, midsize companies were 500% more likely to be attacked than two years earlier.
  • Once cybercriminals have managed to get access to a computer system, they may work days or even weeks silently collecting information, studying the system, and preparing for the actual attack.

According to the MIT and OVHcloud disaster recovery report, the principal solution is to take good care of backups. For a one person small business, it is easy, for a 100 person organization more complex, but it is doable and doesn’t necessarily cost much. We did a recovery planning session for our small business a while ago, and managing backups was the most important action point for us.

The overall disaster recovery plan for any type of organization is meaningless if there is no data to restore. Once the backup plan is ready and tested, the overall recovery planning can be put together.

The MIT and OVHcloud report recommends 3-2-1 backup strategy. It means having:

  • Three copies of all data.
  • Two copies on different types of storage device as the original.
  • One of these copies is stored off site, maybe in a cloud storage or in another safe place.

Additionally, the report, as well as some cloud storage providers, recommend having two off-site copies if you want extra insurance (it is known as 3-3-2 or 3-2-2). The objective is – in an unfortunate case of successful cyber attack – to make it practically impossible for ransomware criminals to destroy all backups.

Of course, it is a good idea to try and stop criminals at the gate and not let them in at all. Recent studies indicate that the most common method that hackers use for getting access to a computer system is social engineering. In addition to technology solutions, the human factor should be a priority in all cyber security planning.

Leave a Reply

Your email address will not be published. Required fields are marked *