It is common to have to deal with IT incidents and be faced with undesirable situations, not because of the type or severity of the incident, but rather because of the lack of organization of those who suffered it.
Facts
Recently, a company suffered a ransomware attack. They then engaged Cyberoo’s Incident Response Team to remedy what happened and restore Business Continuity. The attack was classified as serious because all servers and most PCs were encrypted by the attackers; however, previously made backups emerged unscathed from the offensive action.
Backup can always save the day -maybe
After putting the infrastructure secure again and checking the integrity of the backups, we encountered a problem with restoring information. The most strategic and important service for the company had only one restore point available, which was three months old and immediately considered useless due to the amount of missing data.
To restore the company to working condition, management asked all employees to participate in a manual inventory that lasted ten days.
Awareness and Governance: lessons learned
Awareness and Governance in cybersecurity are key pillars for the stability and resilience of any organization. The importance of these two components relates not only to the prevention of incidents, but also to the effective restoration of activities in the event of data loss.
In terms of awareness, it is crucial that all parties involved in cybersecurity processes are aligned on cyber risks and best practices to mitigate them. This means not only understanding the most visible threats, but also knowing and complying with the processes defined for Business Continuity.
At the same time, governance plays a critical role in ensuring that such awareness practices are translated into concrete and systematic actions. Through clear and detailed documentation, companies can establish operational guidelines that define specific responsibilities, procedures and protocols for managing cybersecurity.
By ensuring that these areas are carefully maintained, organizations not only reduce the chance of incidents, but also gain the structures and knowledge needed to respond quickly and effectively, minimizing the impact on business continuity and preserving stakeholder confidence.
