By now, you will have heard about the WannaCrypt “ransomware” cyber attack which swept the globe and took down international giants like Telefonica and FedEx. It was reported as one of the largest coordinated attacks to hit computers worldwide.
No doubt you received some very sage advice at the time about updating old devices, upgrading your antivirus software, reinforcing firewalls, securely backing up your data and looking out for scam emails.
The advice you didn’t get is to broaden your focus from just your technology to include your entire business operations. You need to think about how you will manage your business processes and customers in the event of an attack and, importantly, how you will protect yourself from lawsuits in the event of a major disruption.
Despite reports that the WannaCrypt ransomware has finally been disabled, shoring up your business protocols should still be at the top of your list of priorities as variants and copycats of the program remain.
Here are 3 simple steps you can take today to protect your business from the potentially catastrophic impact of a cyber attack:
Your clients need to be aware of the risk of a cyber attack impacting the work you’re doing for them.
Set out clearly in your agreement that you use electronic communication and tools to run your business and, while you take every precaution to protect against cyber attacks, you won’t be liable in the event of an attack causing damage, such as data loss or theft, delay or even fraud.
To make sure your Terms and Disclaimer are sufficient to cover cyber attacks, look for mentions of electronic communications, cyber attacks, ransomware and hacked links. Make sure your documents protect you from liability for such attacks.
Now is the time to review your privacy practices and see if you can better protect the personal information you collect. This is particularly important given the potential for data theft and even identity fraud in the event of a ransomware attack.