Cyber Attack – Are you as protected as you think you are? (Part Five – Disaster Recovery)

October 6th, 2023
Cyber Attack – Are you as protected as you think you are? (Part Five – Disaster Recovery)

Imagine you’ve been hit by a Cyber Attack. Your network is locked by ransomware and all your data is compromised. What now? Many people rely on their backups as a way to restore their data. But what if your backup is compromised? The backup could be old or incomplete because the backup program wasn’t working properly? Or the backup data, which is on your school network, could be compromised, either by data corruption or the Attack itself.

Fortunately, there are ways to prepare for this. If you make sure there is a copy of your backup at an offsite location, it makes it much less vulnerable to a Cyber Attack. If you also have a process that checks backup completion daily, and do regular test restores, you can be confident your data will be there when you need it.

While we are discussing disasters, it is a good idea to also think about how physical events could affect your network. We have seen computer equipment destroyed by a flood caused by a burst pipe, and an entire server room worth of equipment destroyed by a roof leak right above the closet. Have you considered what would happen if the major network closet for your district was destroyed? How would that affect your district’s ability to function and what would your response be? Many districts are choosing to create a Disaster Recovery plan to prepare for all eventualities. While physical events are less likely than Cyber events, anything that affects your network availability can cause a major disruption to your district. Will you be ready?

This week’s suggestion:

  • Talk to your Tech Director about how you are doing backups and whether there is an off-site copy
  • Talk to your Tech Director about whether test restores of your backup are being done on a regular basis
  • Find out what your Disaster Recovery plans are in the event of a cyber attack or a natural disaster and confirm they are appropriate in light of your current IT needs
  • Continue (or start) the process of coming into line with the NIST Cybersecurity Framework guidelines

Next week’s bulletin will discuss “Cyber Attack - Are you as protected as you think you are? (Part Six – Vendor Access to Your Network)”

If you would like more information on help with Disaster Recovery or navigating the NIST CSF journey, please contact Lisa MacDougall at lmacdougall@csiny.com or call 845.897.9480.