Advisory Services

October 06, 2021

How a Small(er) Business Should Prepare for a Ransomware Attack

ransomware attack

In this blog post, we’re providing you with an approach that you can apply in your small-sized business so that the damage of a cybercrime attack is greatly reduced. It’s quite simple: If you do not make time now to prepare your business, you will be forced to pay for it later. Our approach will help prepare you for what to do when an attack happens (before it happens), rather than a kneejerk reaction after a ransomware attack has taken place.

Unfortunately, it’s not a question of ‘if’, but ‘when’. According to BT Partner’s Technical Account Manager, Austin Germaine, “A ransomware attack is going to touch your organization somehow, in some way, whether it’s you or one of your partners.” His comment is backed up by Cybercrime Magazine who quotes that ransomware is expected to attack a business every 11 seconds by the end of 2021. That’s an estimated 2.8 million attacks around the globe this year alone. That’s a wild thought and one of the reasons why we want to help. How can small(er) sized organizations, who may not have the resources like some of the larger sized ones, prepare for a ransomware attack that inevitably impacts business?

A Call-to-Action

People perceive ransomware as something that locks our data, which it does, but FIRST, it offloads some or all of your data to the dark web and then posts your valuable and highly confidential data up for sale. Austin, from BT Partners, says from his experience working with clients, “Companies are most worried about losing their server data when they need to be equally worried about the data exfiltration.” If your business has personally identifiable information (PII), this becomes a MUCH larger problem.

If your PII is breached, legally you must report it. At this point, it’s no longer a private matter within your company. Eventually, everyone, and that includes your customers, suppliers, and partners will hear about it. This opens you up for the possibility of falling into major legal complications that could cause irreparable damage with long-lasting effects. Not only that but your customers and suppliers may not trust you anymore, and your company’s brand reputation could be tarnished beyond repair. That’s enough with the bad news.

We have a simple 3-step solution that can help.

Step 1 – Strategy is Key

Document a strategy for deployment when a ransomware infection occurs. This strategy must be done ahead of time when you’re thinking clearly because when an attack happens, panic sets in, and any clear thinking is thrown out the window. Include specific actions that should take place before, during, and after an attack. Every moment counts and you don’t have time to start thinking about what to do AFTER it’s already happened.

In addition, create an easy-to-follow response plan that instructs end-users on what to do immediately following a potential ransomware threat. The plan should include key contacts, clear steps, and be easily accessed in an emergency. Your end-users are your first line of defense in this type of scenario, so employing them with the right tools and training, at the right time, is imperative to limiting or stopping the damage to your company and data.

Step 2 – Invest in Just Understanding What Your Business Processes Are

If you haven’t already done this, conduct a qualitative analysis of what your most important processes are and what systems are necessary to manage these processes. That’s what you focus on, and the rest can be set aside for now. This analysis is the start of your disaster recovery (DR) Plan. Documenting your critical business processes and systems will also help in the speedy recovery of business operations once the attack is immobilized. Work with an experienced partner, like BT Partners, to guide you through creating a DR Plan. It’s a disaster, it’s not hyperbole. In every sense of the word, you need to figure out how to get out of it, and you need a playbook created ahead of time.

Step 3 – Look into How You Protect Yourself

Start a conversation with your staff on cyber insurance. What are the options out there? Who are the providers, and what sort of cost is involved? Cyber insurance protects you and your business if your data is exploited and sold. Any organization that conducts business online and stores data should purchase it to help with the fallout of a ransomware attack. Current predictions of the size of the global cyber insurance market suggest rapid growth will occur over the next five years, with the total market size increasing from around eight billion USD in 2020 to just over 20 billion USD by 2025. As cybercrime steadily increases, more and more businesses are seeing cyber insurance as a risk management technique that offers major benefits to their business, should they ever need to use it.

A lot of businesses aren’t prepared for a cybercrime attack. 39% of organizations surveyed said they have no ransomware emergency plan in place or are unsure if one exists. However, because cybercrime has increased so dramatically, especially since the COVID-19 pandemic, it’s not something you should ignore anymore. We only briefly skimmed the surface of how to prepare your small-sized business for a ransomware attack. We know there is a lot to consider. That’s why if you have any questions on how you can better prepare your company, BT Partners can offer you additional information, specific to your business. We can help you pre-attack by implementing data backups and creating a solid DR Plan that you’re confident with, as well as offer post-attack support that includes recovery solutions aimed at getting your business quickly back to its regular business operations.

Business insights and resources

data audit

How Do You Know If You Have Confidential Data?

selection process

How to Navigate the ERP Selection Process in a Software Project

ASC 606

Everything-as-a Service: How ASC 606 is Impacting More Companies – Does it apply to you?

Ready to optimize?