UnHacked Episode 17: "You Can Never Get UnHacked"
Key Topics
Cybersecurity Credentials and Verification
- There are minimal legal requirements to become an IT security provider
- Only basic business licenses are typically required
- No standardized certifications or credentials are mandatory
- Businesses should seek third-party verification of their IT provider's work
- Regular vulnerability scans and assessments are recommended
Recent Breach Case Study: London Drugs
- Major pharmacy chain in Western Canada (80 locations)
- System breach resulted in 5+ days of complete store closure
- Potential compromise of sensitive customer data
- Significant financial impact (millions in losses)
- Limited public communications citing "abundance of caution"
- Phones restored after 4 days, indicating severity of breach
Incident Response Plan Components
Preparation Phase
- Identify potential threats and vulnerabilities
- Document all systems and applications in use
- Create containment strategies
- Establish clear roles and responsibilities
Initial Response
- Contact insurance provider before any remediation
- Engage legal counsel
- Coordinate with PR team
- Avoid destroying potential evidence
Operational Continuity
- Develop manual/offline business procedures
- Create separate teams for technical recovery and business operations
- Establish backup communication methods
- Plan for temporary workarounds
Recovery Process
- Follow insurance provider's protocols
- Document all steps taken
- Preserve evidence for investigation
- Implement lessons learned
Best Practices
- Regular testing of incident response plans ("fire drills")
- Multiple admin access points for critical systems
- Clear documentation of all business systems and processes
- Regular backup testing and verification
- Proactive relationship with insurance providers
- Understanding of insurance requirements and procedures
Key Takeaways
- Prevention is cheaper than remediation
- Every business needs a tested incident response plan
- Technical recovery is only one part of breach response
- Business continuity planning is crucial
- Regular testing and verification of security measures is essential
Recommendations for Business Owners
- Get a thorough security assessment
- Develop and test an incident response plan
- Maintain updated documentation of all systems
- Establish relationships with security providers and insurers
- Regularly test backup and recovery procedures
- Plan for offline operations during outages
Future Episode Preview
- ROI of keeping equipment and software up to date
- Impact of outdated technology on employee satisfaction and productivity
- Cost analysis of proactive vs. reactive IT management