Imagine a scenario where your company’s digital infrastructure goes offline. Your servers are unreachable, the company website is offline, internal communication stops working and employees are locked out of offices because keycard security systems are down. Your entire company—literally everything it does—just stops. It’s a nightmare scenario, but if you’re prepared with a business continuity plan, it can be a short-term inconvenience instead of a company disaster. As we’ve seen just recently with the massive Facebook outage, these scenarios can happen to any organization.

Company-wide communication disruptions can be triggered from internal incidents, such as misconfigured servers or routers, cut cables and other hardware and software failures. They can also come from the outside in the form of natural disasters like wildfires, floods, hurricanes and earthquakes. And of course, there’s always the chance that disruptions are due to actual cyber attacks by hostile actors. Recognizing that both internal and external scenarios are possible is key in developing a backup communication and access plan before disaster strikes.

While a remote workforce means at least some of your staff will be out of harm’s way should an actual natural disaster strike the office, it doesn’t mean they won’t be impacted by your infrastructure downtime. Offline servers mean work-from-home employees can’t access hosted files, data and apps. If your communication infrastructure is down, too, they don’t have any way to stay on top of the incident status. Without a backup communication plan, on-site employees won’t have any idea how long they’ll be locked out of offices if the security system is also down, and off-site employees are simply in the dark.

Make a Business Continuity Plan for Disasters

A well-documented communication backup plan should be part of your company’s overall business continuity plan for disaster scenarios. If you use an in-house solution for intra-company communication, for example, employees need a fallback solution should the primary communication platform stop working. On-site employees also need a clear-cut plan should the security system fail, locking them out of rooms or even the entire building.

In both cases, your recovery plan needs to clearly list the processes for attempting to restore services, and the incident response tools to use. Be sure to define who is responsible for triggering the plan, too. For companies that need help creating a response plan, services are available to help out.

Documenting processes in detail is important because it’s unreasonable to expect employees to remember everything they need to do during what’s likely a high-stress situation. Providing team members with printed documentation is smart, too, because they won’t otherwise have access to the procedures if the files are stored on servers that are currently offline. In that way, physical or offline backups of your business continuity plans and procedures can be an essential part of cyber resilience.

Also, don’t make the mistake of assuming your response plan is etched in stone. Your plan needs to be reviewed and updated regularly to adapt to changing technology and to address evolving cybersecurity threats.

Develop a Backup Communication Plan

When your company’s communication system literally breaks down, it’s time to put your recovery plan into action. Establish a secondary internal communication system beforehand so everyone knows what to use when the primary system is down. Employees need to know when to switch to the fallback system, too. Relying on word of mouth from managers, however, shouldn’t be the primary way of relaying that information. It’s inefficient and slow, ensuring all on-site employees are notified is difficult, and employees working outside the office might be excluded from the communication chain.

For some companies, a simple time limit to move to the backup communication system is enough. A company that relies on an internal chat platform, for example, could set a 15-minute threshold for downtime. After hitting the time limit, everyone moves to the backup platform until they get an official order to return to the primary system. Documenting this time limit in your business continuity plan can help make needed transitions seamless.

If employees are issued company smartphones, pushing a message to everyone with an alert to switch to the backup communication platform is an option. That’s assuming, of course, cell service is working and the system to send messages en masse is operational. Regardless of the system used, the process for knowing when to move to the fallback communication system needs to be reliable since there’s a good chance many employees will be working remotely.

For companies where system downtime is newsworthy, a plan for handling media and other public-facing communication is necessary, too. Prepare general statements ahead of time, and make sure those are accessible outside of company servers so authorized employees can make public statements. If access to company servers isn’t possible, any prepared statements stored there won’t be available.

Plan for Physical Building Access

Employees locked out of their offices, or the entire building, when the security system goes offline is more than just an embarrassing news story. It’s also a big obstacle to getting the downed systems up and running again. If the team that needs hands-on access to servers and networking gear can’t get inside, they can’t work on fixing the issues that took communication and security offline.

Many companies use some sort of authentication system to manage building and room access. If that system is offline, designated key holders who can manually unlock doors need to be available and on-site as quickly as possible. They also need a process for verifying who gets in the building or offices to prevent potential security breaches.

Training and Practice Scenarios for Business Continuity Planning

Time is money, and that definitely applies to system downtime incidents. Each hour during an incident can cost a company thousands—or even millions—of dollars. Testing your incident response plan can show weak points and gaps in the procedures. It’s also much easier to address those problems outside of an actual incident situation.

Ongoing training is key, too. Team members responsible for managing an incident response should participate in practice events so they’re prepared when a crisis actually happens. Backup communication systems need to be tested regularly, too.

It’s also important for all employees to know what to do during a system failure. Company-wide training and detailed business continuity plan procedures make it much easier for everyone to know how to respond to the situation.

Preparing a recovery plan ahead of a communication or security system failure is critical for a fast and effective response. Training and practice scenarios are important for making sure everyone in the company knows what to do during an incident. That can save your company from hours or days of downtime and lost revenue.

More from Incident Response

Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…

5 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Expert Insights on the X-Force Threat Intelligence Index

5 min read - Top insights are in from this year’s IBM Security X-Force Threat Intelligence Index, but what do they mean? Three IBM Security X-Force experts share their thoughts on the implications of the most pressing cybersecurity threats, and offer guidance for what organizations can do to better protect themselves. Moving Left of Boom: Early Backdoor Detection Andy Piazza, Global Head of Threat Intelligence at IBM Security X-Force, sat down with Security Intelligence to chat with us about the rise in the deployment…

5 min read

How Morris Worm Command and Control Changed Cybersecurity

4 min read - A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable data. The key to all this is a well-developed Command and Control (C2 or C&C) infrastructure. The number of C2 servers used for launching cyberattacks increased by 30% in 2022. More than 17,000 of these servers were detected last year,…

4 min read