Planning for a Worst-case Scenario

Ignorance is bliss. We’ve all heard that statement before. But does it actually ring true? It certainly doesn’t when it comes to cybersecurity. While you may not have been directly impacted by a cyber attack in the past, it’s imperative that you protect yourself against threats in the future. That includes planning for your worst-case scenario.

Imagine your business has fallen victim to a cyber attack. What would you be most concerned about? The compromise of customer data? Outside sources having access to contracts and contacts? Perhaps it’s the overall feeling of vulnerability that makes you uncomfortable. While it may seem fatalist, in order to protect your business against threats it’s important to prepare for the worst-case scenario. It’s too easy to just make a few small changes and hope they’ll suffice. You can only plug a hole in a boat so many times before it starts taking on serious water. Planning for a wide scale breach helps you address not only the large areas that require protection, but also assumes that you’ve also taken care of vulnerabilities that can impact other vital components of your business, too.

A recent article from Mashable, entitled “Worst Possible Cybersecurity Breaches Could be far Worse than you Imagine,” outlines the possible situations that could see global governments fall victim to online attacks. These scenarios are certainly worst-case, but they demonstrate an important lesson: understanding what you have to protect and what vulnerabilities exist so that you can address the issues before they grow into larger problems.

When planning for your worst-case breach, consider the impact it would have on your organization. Make a list starting with your biggest items to protect. If your biggest concern is the exposure of customer information, you might want to consider where the data is saved, who currently has access to it and it’s level of encryption and security. Perform the same action – identifying the issue and risks – with every item on your list. Once you’ve developed a list, you can start to build your security strategy. If you’ve isolated the components you’re most concerned about, you’ll be able to work your way back to the beginning from there, implementing strategies that will cover other important areas of your business.

There are different strategies for protecting your business. Re-evaluating how you share documents both internally and with clients, investigating the security practices you have in place and the permissions you grant to employees can all benefit the security of your organization. It can be frightening to contemplate negative activities that could impact your organization, or even potentially lead to its demise, but by preparing yourself for a large attack you’re investing in your future.

Have you developed security plans based on the worst-case scenario of a breach at your office? Let us know about the process in the comments below.

Tony Abou-Assaleh

President and COO of TitanFile, Tony is a computer scientist, researcher and an ex-Googler with extensive background in information security and team leadership.

Add Comment