So don’t be caught unprepared by hacker attacks!

disaster recovery planning
So don’t be caught unprepared by hacker attacks!

providers on the subject

Most SMBs don’t have a disaster recovery plan in place to begin restoring business operations after a hacker attack. Which basic steps or measures are necessary for this?

A disaster recovery plan dictates how a business can return to full operations after an unexpected hacker attack.
A disaster recovery plan dictates how a business can return to full operations after an unexpected hacker attack.

(Image: Maria Vonotna –

Managing directors of a small company face many challenges. With tight margins and competitors on their heels, they must move faster than the competition and serve their customers better to maintain their position in the marketplace. Because SMBs often only focus on developing their business, they can end up neglecting one of their most important assets – their corporate data.

According to management consultancies, around 70 percent of SMEs that have suffered major data loss go bankrupt within a year. With the growing number of IT threats, every business is now at risk of disaster, no matter how big or small. With a solid backup and documented method for restoring the backed up data, around 90 percent of SMBs would be able to recover from a ransomware attack, for example.

Development of a disaster recovery plan

It is critical that SMB CEOs have a disaster recovery plan drawn up and updated regularly. The following procedure must be taken into account:

Assemble team: Developing a disaster recovery plan requires putting together a team and appointing a project leader and senior management contact.

Identification of all assets: One of the most important steps in disaster recovery planning is creating a complete inventory of IT assets. These assets include both software and hardware, as well as the data on which the business depends. When creating a disaster recovery plan, the team must develop plans to protect or restore functionality to all of these different assets.

Identification of potential risks for each asset: This consideration must be specified as comprehensively as possible. Possible risks should be assigned to the assets in question. From this it is advisable to select the most common risks with the highest probabilities.

READ:  Protection Goals for IT Security Explained in Practical Terms

Acceptable downtime for the company: The amount of downtime a company can cope with largely depends on what type of company it is. For example, an e-commerce company or other digital service company will only be able to tolerate very little downtime than perhaps another company. Therefore, when creating a disaster recovery plan, it is important to know how much downtime a company can handle. It should be noted that the tolerable downtime can vary significantly depending on the importance of the IT resource or asset for the company.

For this consideration, metrics such as maximum tolerable downtime (MTD), recovery point objective (RPO), and recovery time objective (RTO) are important to know. Determining these metrics should be done for each critical asset that has been identified and identified as relevant to disaster recovery planning. On this basis, it can now be determined which IT resources must be prioritized and what a successful disaster recovery scenario should look like.

Checking the Service Level Agreement (SLA): In the event that technology or important processes have been outsourced, it must be ensured that the service level agreement can take effect in an emergency. It is advisable to check exactly what defines an emergency in detail. In addition, a time frame must be defined for when the company can put the systems back into operation. A concluded contract must also explain what happens if these promises cannot be kept by the service provider.

Check insurance coverage: Insurance coverage is a must for any business, but not every type of business insurance will help in the event of a disaster. It is therefore appropriate to review current policies and ensure that there are no gaps in coverage. For example, sufficient coverage should be available to include the indirect costs of a hacking attack (e.g. business disruption) as well as direct costs such as property damage. Insurance is also offered specifically for hacker attacks. However, it should be noted that a number of conditions must be met.

READ:  How Does the Security Infrastructure of A Smart City Work?

Creation of a disaster recovery plan: After a list of assets, potential risks and acceptable downtimes has been developed and evaluated, solutions for each of the potential scenarios must be found.

Responsibilities in case of attack: In order for the recovery plan to be successful in an emergency, the responsible employees must know exactly what they have to do when the plan goes into effect. Each employee must be given clear instructions and a written copy of the disaster recovery plan.

Test runs for the disaster recovery plan: The final step in creating a disaster recovery plan is to actively put it through its paces. This requires the responsible members of the team to practice the respective actions they would take during a real disaster. This could be simulated with a parallel network or in the existing network. At the same time, it’s a good idea to test backups, since backups are a key component of the larger disaster recovery plan.


By completing these outlined steps, you can begin to create a disaster recovery plan for a company. It is important to remember that the ideal recovery plan for a company must be as unique as the company itself. Every company has vastly different needs and resources, both of which should be reflected in a well-constructed disaster recovery plan.