This article was written by guest contributor Chris Henderson. Henderson runs threat operations and internal security at Huntress. He has been securing MSPs and their clients for over 10 years through various roles in software quality assurance, business intelligence, and information security.
If your cybersecurity programs for your MSP clients focus solely on prevention and detection mechanisms, they’re falling short in today’s cyberthreat landscape. Prevention and detection are certainly important. However, they are inherently limited in their ability to mitigate the consequences of a successful cyberattack. When prevention and detection mechanisms fail—as they inevitably will at some point—organizations often find themselves unprepared to respond effectively if they don’t have a business continuity plan. This unpreparedness can lead to significant downtime, data loss, financial losses, reputational damage, and even legal liabilities.
The May 8 cyberattack on Ascension Health serves as a stark reminder that effective response and recovery strategies are critical. The implications of the Ascension breach were severe. Even 35 days after the initial attack, their systems remained partially dysfunctional and unable to fully resume operations.
However, upon discovering the security event, Ascension Health enacted procedures to ensure the continuation of services without relying on their existing technology solutions. These procedures involved paper charting, a practice that many of the newer entrants to the field likely have not had extensive experience with prior to this emergency. They were able to use these secondary procedures only because they had planned for their systems to one day become unavailable.
Time To Revisit Your Clients’ Business Continuity Plan
This same level of preparedness can be the difference between a small business withstanding a ransomware attack and being put out of business by it. Of course, reverting to paper may not be a suitable continuity plan for many MSP clients. But it is a great reminder to check when your client last updated and tested their continuity and recovery plans.
Business continuity planning is an important complementary process to backup and disaster recovery. While your backups can ensure a system is back online with minimal data loss, a business continuity plan will keep the business running while those backups are restored. If you have not walked through continuity planning with your customers, now is a great time to start.
Get Started With A Business Impact Analysis
To begin continuity planning, start by performing a business impact analysis. Work with the business to identify each of the processes that take place within the organization. Let’s use payroll as an example. For each process, ask a few questions:
- What key technology does the process rely on?
- Does the customer have documented procedures?
- Is there more than one person who can perform the function?
It is also crucial to understand the impact on the business if the process is disrupted. In assessing business impact, calculate the criticality of a process based on the revenue loss that would result from an outage.
Using the data gathered in the business impact analysis, you can now begin to develop comprehensive business continuity plans. Then prioritize these plans based on the criticality of each process. By systematically addressing the most crucial operations first, businesses can ensure that essential functions are preserved and can be quickly restored in the event of a disruption.
Reducing The Impact Of An Incident
When these continuity plans are integrated with corresponding disaster recovery plans, your SMB customers will be better equipped to respond to incidents effectively. This coordinated approach significantly reduces the potential impact of any incident, helping to maintain operational stability and safeguard the business from prolonged downtime or loss of critical resources.