Now that 2020 is coming to a close, it is more important than ever before for owners, CFOs, IT members, and HR professionals to develop a disaster/cyberattack manual. And as all experts agree, it’s in your best interest to have a plan in place BEFORE something happens.
4 Tips To Help Create Your 2021 Disaster And Cyberattack Recovery Manual.
- Plan for multiple scenarios (fire, natural disasters, and cyberattacks).
- How your business will back-up its valuable records/files.
- How to inventory all assets, passwords, and employee files.
- How your business will handle (and function) a disaster in the first 24, 48, and 72-hours.
Important: Assign An Emergency Planning Team/Leader.
To ensure that your detailed disaster plan gets done (and updated), assign a point person to consolidate your manual. We also recommend having a PR person in place should a news channel(s) want to interview someone from your staff.
3 Sections To Most Disaster Planning Manuals.
Your disaster manual needs to incorporate many critical items. Additionally, we recommend having two manuals; one on-site and one off-site. But most importantly is this: You have immediate access to crucial information post a disaster.
Section 1: Business Insurance Policy(s) Limits/Liability - Meet with your insurance agent to review what you have as it’s a great time to catalog your inventory, technology, phone numbers, and policy numbers. Don’t forget to add a copy to your manual. Also, ask your agent this, “What aren’t we covered for when a fire, cyberattack, employee violence, or natural disaster occurs?”
Section 2: Pictures/Records Of Your Assets - Since a picture is worth a thousand words, we recommend taking a picture of your inventory, technology, building upgrades, etc. We recommend having two (2) jump-drives (loaded with photos/scanned documents).
Section 3: Cyberattacks Need To Be Addressed ASAP - According to the U.S. National Cyber Security Alliance, it is estimated 60% of all SMBs fail within six months of a cyberattack. Key areas for this section:
- Who is responsible for keeping your anti-virus software up-to-date.
- Who is responsible for educating your employees.
- Who is responsible for developing and implementing a formal security policy.
- Practice your incident response plan.
Other Sections To Consider: