Cyber vulnerabilities are increasing daily and have pushed companies, large and small, into planning for these new occurrences. Now is the time to include cyberattacks in the Business Recovery and Disaster Recovery Plans of the organization.
What connection points can be hacked?
- Incoming public and private network connections, including routers, switches and firewalls, can be infiltrated
- Equipment that supports the IT environment like servers, storage and printers
- Operation programming components that make the IT equipment work, including operating systems, subsystems and applications
- Even the phone and process control systems that support the facility equipment and machinery
What should be part of the plan?
Identify the threat
This can be a daunting task, since it may not be obvious that the operational impact or the physical damage was caused by a cyberattack. If the attack was for ransom purposes, it will most likely be communicated. However, if it was for retribution or publicity, there may be no communication at all.
React to the attack
The person identifying the problem needs to know who to contact and what immediate actions should be performed. The first actions taken could stop the damage or make it much worse.
Stabilize the operation
The full extent of the damage needs to be assessed and the plan needs to be executed to:
- stop the failing equipment or process
- isolate the problem areas
- decide what parts of the business can continue
- develop alternate work schedules
- make arrangements for support groups and forensic services
Mitigate the damages
See what can be reclaimed and determine if the operation can run in degraded mode, manual mode, or at the disaster site.
Recover the operation
The recovery effort will be directly proportionate to the amount of damage that was incurred. This includes both physical damage to equipment and the impact on the business in terms of lost revenue, damaged goods, perishable goods, penalties, and fines.
The Disaster Preparedness Plan needs to be updated with processes and procedures to prevent a similar occurrence from happening again.
© 2021 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved. This article is for informational purposes only and is not intended to convey or constitute legal advice. HSB makes no warranties or representations as to the accuracy or completeness of the content herein. Under no circumstances shall HSB or any party involved in creating or delivering this article be liable to you for any loss or damage that results from the use of the information contained herein. Except as otherwise expressly permitted by HSB in writing, no portion of this article may be reproduced, copied, or distributed in any way. This article does not modify or invalidate any of the provisions, exclusions, terms or conditions of the applicable policy and endorsements. For specific terms and conditions, please refer to the applicable endorsement form.