So...a few weeks ago our small company had an incident where our internal tracking software was hijacked and held ransom (ransomware) by a hacker. This of course was very bad, as we keep track of all of our production, shipping, receiving, and more through that system. It's since been fixed (thank goodness), but we realized we were totally unprepared for such an incident.
As a result, I've been asked to come up with a backup plan for when our tracking system shuts down or fails. I know, our company should have had this in place years ago, but I wasn't here at that time to say "hey, what if this happens?"
Basically, I need to come up with a paper way to track our inventory and shipping, along with a procedure to follow in case it ever happens again. I'd use the check sheets we had from years and years ago before the company switched to electronic tracking, but they've been lost over time, so I have to come up with everything from scratch. Re-invent the wheel, so to speak.
Has anyone addressed a cyber attack in their company's emergency action or business continuity plan? Do you have any tips on how to write such a procedure? Or any tips on how to break down an entire computer trace system into a paper version?
Thank you in advance!