Data Loss Prevention is not only the last resort during a cyber incident, in most ransomware cases it is the only resort.
Data Loss Prevention is, as most of us hopefully know, much more than just making backups from important data, but is all starts with backups, of course. These backups should however also include important other information, like for example accounts, access rights, and more. Too many organizations have made the very costly experience that their data was available in backups, but not the crucial information about their infrastructure. The result in these examples is that many hours and even days were lost.
Data Loss Prevention policies should include full scenarios from recovering from a minor data loss up to a full scale recovery after a major disruption, for example a ransomware attack. And most importantly, these scenarios must be rehearsed regularly. As odd as it may sound, the full scale recovery from a full scale data loss must be practiced to find the issues. When the worst case scenario kicks in is not the moment that anyone wants to start sorting out all the crucial items that were not covered by the Data Loss Prevention policies and their execution!
Data Loss Prevention is not only the last resort during a cyber incident, in most ransomware cases it is the only resort. Learn more about Cyber Crisis Management and other essential skills in online education by Dr. ir Johannes Drooghaag.
Dr. ir Johannes Drooghaag – CEO Spearhead Management