Indevtech Blog
Guest Columnist: Scott Tsukamaki, Enlighten Technology
We invite our industry colleagues to submit articles for our TechMinutes newsletter. This quarter, we have asked our good friend Scott Tsukamaki to share with our clients some tips he learned after a recent cyber incident. Scott is Principal and Founder of Enlighten Technology, a Hawaii-based Managed Service Provider.
For the past month, Enlighten Technology has been assisting one of our clients in navigating a cyber-attack that impacted the entire nation. This disruption was particularly unexpected as it targeted a critical cloud program rather than the company's IT systems. The attack significantly crippled their production, and its overall ongoing impact remains unknown.
I would like to share eight lessons learned and other insights from this experience:
- Identify Your Critical Software: Consider your most essential software and imagine it being unusable for 5, 10, or 30 days. What alternative solutions could you implement in its absence? Could you revert to using paper, for instance?
- Understand Your Recovery: When systems come back online, how do you plan to catch up? Will it require working nights and weekends? Is overtime necessary? Are there any deadlines that might require extensions?
- Keep Business Flowing: If your staff is commission-based, how do you compensate them if systems are offline? How do you handle vendor payments? At what point do you consider switching to a new system, and what are the implementation costs and timeframes?
- Have Cyberinsurance and Business Interruption Insurance: Cyberinsurance and business interruption insurance are crucial, but be cautious as they typically cover your systems, not cloud vendors. Ensure the terms are clear and understandable. Send your provider "if-then" statements to confirm coverage.
- Understand Data Ownership: Cloud providers act as data custodians, meaning they are not responsible for your data—you are. If sensitive information is leaked, the responsibility falls on you. Investigate if you can back up your data elsewhere, though be prepared: not all providers support or allow it.
- Protect the Most Targeted Locations: With 65% of attacks coming through email, be vigilant about what you click on. Implement email protection filters and run phishing tests regularly.
- Show a Pattern of Cybersecurity Mindfulness: Consistently demonstrate a commitment to cybersecurity. Consider security recommendations carefully, and if you choose not to implement certain measures, document the reasons (such as cost or limited risk). Develop a cybersecurity policy and decide on a standard framework to follow. Consult with an experienced IT provider to point you in the right direction.
- Build Vendor Agreements: Send out agreements to all vendors holding your data, asking them to specify how they store your data, their responsibilities, and the protective measures they have in place. Ensure these agreements are reviewed and updated annually.
Please note that none of this information constitutes legal or professional insurance advice. We are simply offering technical suggestions and opinions based on our experiences.