1. What would you do if a ransomware attack impacted your business for more than 2 weeks?
Most MSPs are really good at backing up and restoring data. That is a core service that MSPs provide to their clients. It would be natural for a client to minimize the impact of downtime of a ransomware attack. MSPs need to discuss the impact of ransomware on systems that are not managed by the MSP.
Ransomware attacks on cloud-based services could leave a company inoperable for weeks. Electronic Health Records (EHR), Point of Service (POS) systems, Accounting Systems, Payroll Systems, Customer Relationship Management (CRM) systems are critical to many businesses. Without access to many of these systems, businesses will struggle to provide services, collect payments, and pay their employees.
There is no centralized data backup anymore. There is no ability to restore a system like a cloud-based EHR or an online Accounting System. Businesses are literally at the mercy of how fast their cloud-based vendor can recover from a ransomware attack.
Datto has a great downtime calculator that can help show the cost of systems being down and the impact on a business’ lost revenue.
Datto Recovery Time & Downtime Cost Calculator
In addition to cloud-based systems, other systems (which may or may not be cloud-based) can be impacted such as phone systems, security systems, digital X-ray machines, credit card processing systems, and others. Many times, MSPs do not support these systems and have no control over when they are restored after a ransomware attack.
These systems can have an impact on a client’s business. Some minor and some major. If a business cannot process credit cards, a significant amount of revenue can be lost.
This question and conversation get to the heart of ransomware; business disruption. Putting numbers on financial impact helps frame the conversation with a client.
2. What would you do if hackers had access to customer, patient, and/or employee data?
Ransomware attacks are more than just encryption. Many times, hackers use ransomware to steal a company’s data before encrypting their systems. Data theft increases the odds that a victim will pay the ransom in exchange for assurances that the hackers will not release the data publicly.
Data theft may impact a business even more than the encryption itself. Sensitive customer data, patient’s medical history, and employee paystubs released publicly can be devastating to the impacted individuals and the business.
Angry customers could refuse to do business with the company. A business’ reputation could be severely damaged. Employees could be hurt by identity theft scams.
Many times impacted individuals may sue or participate in class action lawsuits.
On top of direct impact to individuals, there are privacy and data breach reporting requirements that could have a major impact on the business.
US Healthcare organizations have HIPAA requirements. International businesses face GDPR requirements. Each state in the US has breach reporting requirements. Most countries have their own data breach reporting requirements.
Complying with these requirements could be very expensive. Notifying impacted individuals is not as straightforward as it sounds.
Usually, data forensics is needed to determine who has been impacted. Legal counsel is needed to help with each of the reporting requirements. Call centers usually need to be set up to address incoming calls and emails from impacted individuals. Credit monitoring / Identity Protection is usually offered to impacted individuals.
All these services cost money and take a lot of time and effort to address each area.
The other threat to a business based on the data breach would be regulatory fines imposed by federal or state government agencies.
Breach Secure Now has a good Data Breach Cost Calculator that will show the financial impact of a data breach. The calculator is driven by the scope of the breach and impacted individuals. This is a good tool to show a client the financial impact/costs of responding to a data breach.
Calculator – Breach Secure Now!
Asking a client these 2 questions will help explain the impact of ransomware on the client’s business.
Having the associated conversation opens a client’s eyes to the true pain of ransomware.
Sharing real financial costs from the Datto and Breach Secure Now calculators help put realistic numbers around ransomware and data breaches.
Once a client sees the true impact of ransomware, they are most likely going to ask 2 questions:
1. How do we prevent this from occurring?
2. What do we do if we have a ransomware attack?
This leads to conversations about implementing more cybersecurity and buying cyber insurance. Both conversations are welcomed by MSPs.