September is National Preparedness Month and a good time to think about whether your company is ready. Companies can improve preparedness by being proactive – ready to deal with the dangers they know and those they don’t. From an IT perspective organizations need to know the impact that any disruption will have on their ability to conduct business. At one point “disasters” were very physical – hurricanes, tornadoes and fires. Today the “disasters” or pervasive disruptions are more insidious and are compartmentalized or focused on core business functions and the data that is core to a business. So while a datacenter is still operating, one of these scenarios could render a company to be out of commission.
Today, companies of all sizes must prepare for disruptions that can originate in three ways:
- Malicious insiders who harm infrastructure or pollute data pools
- Negligent or over worked resources who introduce disruption through faulty change or configuration management
- Bad actors or hackers who disrupt businesses by taking valuable data hostage for ransom
Now, with resilient data center facilities, sophisticated weather forecasting and inexpensive infrastructure imaging like cloud, companies are able to mitigate risk and control the effects of a natural disaster. On the other hand, the less visible and often undetected cyberattacks can do more damage and have longer term negative impact on the brand.
Disaster recovery and business continuity are evolving and now include specific plans for core business processes, their applications and their related data. Ignoring the impact on the business from cyberattacks limits the effectiveness of your preparedness strategy and could result in long term brand erosion, loss of corporate good will and in some cases has been shown to put a once thriving company out of business.
Preparedness requires proactive planning and strategies to act quickly when a cyberattack puts the data that matters at risk.