An Insider’s Look at Surviving Ransomware with Solid Disaster Recovery

The average cost of a ransomware attack reached over $7.5 million in 2018. The expense doesn’t only come in the millions you might have to pay for the services needed to recover; but also the cost of being without your data for days or weeks. The City of Baltimore spent over $18 million trying to regain control of its data, and after six weeks of restoration efforts, only 70% of its operations were fully restored. Maybe it isn’t a surprise that an estimated 60% of small to medium-sized businesses fail within six months of a cyber-attack.

These statistics are sobering, but they don’t give the entire picture. Gartner estimates that companies will spend over $124 billion trying to safeguard data and privacy. Unfortunately, the reality is that there is no way to prevent 100% of the cyber-attacks, 100% of the time. This means that for a vast majority, it is only a matter of time before they are faced with cybercrime.

Whether it is a classic natural disaster or a cyber-attack, the impact can be reduced with planning. A business continuity plan can help an organization get back online, quickly mitigating loss. The first step is determining the type of backup and disaster recovery plan that is right for your company. We start with a look at the three C's: Criticality, Complexity, and Culture. 


Think about the importance of your employee, client and proprietary business data. Here are a few critical questions to consider: 

  • What is the maximum level of data that can be lost or be re-entered during network downtime? For example: If your business isn’t handling a considerable volume of transactions, maybe making a copy of the data available every 18 hours is enough.
  • How much time can your business be offline without a significant disruption? The answer might be very different for a healthcare organization compared to a city government.
  • Could your data be compromised or leveraged against the company, vendors, or clients?
  • Does your organization need to comply with insurance requirements or federal standards and regulations like PCI or HIPAA? 
  • How much of your daily operations rely on your employees freely accessing data? 

The answers to these questions will help you determine the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) for your business. The cost of these solutions is determined by the thresholds established. You’ll want to determine the lowest threshold that makes sense for your unique requirements considering the costs of maintaining these levels. If your daily operations rely heavily on accessing your organization's data, or you must comply with industry-recognized standards, you will want to opt for the plan with faster recovery time (RTO) along with more frequent backups (RPO) and offsite data synchronization.


Complexity describes being able to function normally in the event of a disaster occurring. Can you run all of your critical systems with all of their dependencies if your system was down due to a ransomware attack? Every company has a diverse set of operations on a variety of platforms that all need to be backed up. Whether those systems are on-premise or in the cloud, you must have a disaster recovery and backup plan that will accommodate them. Archiving might be an important feature you'll want to include in your backup and disaster recovery plan, like an HR backup system, particularly if you have critical employee information or if an employee decides to leave the company and you'd still like to access their data.


What cybersecurity training have your employees undergone? Employee negligence is the number one reason small to medium-sized businesses are vulnerable to attacks. It is vital to make sure you are preaching the proper protocols and implementing policies that will protect your organization from an employee making a weak password or clicking on a phishing email. Our blog on password offers some tips to create the best password policy for your organization.

Request a Security Assessment

We wouldn't be doing our due diligence if we didn't point out that to be truly secure, you have to have a multi-layered, cross-organizational comprehensive security plan in place to accompany your backup and disaster recovery plan. A solid password policy can save your organization time and energy, but to cover your bases, you need to cater your security plan to meet the security, deployment, and management requirements of your unique organization. It is best to start with a security assessment to identify these requirements, along with all of your network vulnerabilities.

Don’t risk it. BlackPoint offers a free security consultation. Discover how you can improve your business and prepare for a disaster by calling (866) 575-9512, or you can schedule an appointment.

Contact BlackPoint IT