Just because you can recover your data after ransomware doesn’t mean you won’t suffer losses.
Let’s say your company lost its data but fortunately managed to get it all back. Either by recovering the data from an offsite storage, an onsite backup, possibly a backup someone had tucked away in a safe or, the worst case, paying a ransom.
Data recovery is important but even more so, is business continuity. Depending on how long it takes to recover your data determines your real loss of revenue. When determining how to backup data one needs to determine how much down time the agency or business can handle (Recovery Time Objective or RTO). Everyone typically knows their RPO (Recovery Point Objective) but doesn’t always factor the cost of what employees will or more so, will not be doing while systems are down.
That’s why all businesses, both public and private need a good disaster recovery plan in place. A document stating not just how to recover the data but to have a plan in place so everyone can continue their work without missing a beat while recover is in the works. That is business continuity!
“The actual costs of ransomware attacks, including lost revenue, can far eclipse the simple dollar amount of any ransom paid.” Says Cynthia Brumfield in this detailed article in CSO.
Even after cyber insurance payouts, companies still find that they still suffered significant loss in revenue that can never be recovered. Do you have a plan to get it all back?