Are you prepared?

Ten tips to prepare for a cyberattack or other unexpected disaster.

What would you do if your business suffered a ransomware attack tomorrow? Do you know how you would guide your business through the aftermath of a tornado or other natural disaster? 

SMBs take on significant risks. These include financial uncertainty, market volatility, and natural disasters. The dramatic increase of cybercrime only adds a new type of potential disaster to the stable of sorrows. The statistics for small businesses confronting digital disasters are grim,  60% of small businesses fail within six months of falling victim to a cyberattack. 

Small business owners and managers must prepare for the unexpected in order to ensure longevity and success. 

In this article, we are going to discuss a few technical issues, but will also go a bit outside of our usual IT wheelhouse to discuss general tips that can help small businesses get ready for anything. Although our expertise may be in IT, we are also a small business. We know that it takes an integrated approach to keep a business healthy and resilient and want to share a few of the tips that we find most helpful. 

1. Create a Contingency Plan

This is your single most important step. You do not have to anticipate every possible disaster, but you do need a plan for how to respond to any of them. 

A contingency plan is a set of procedures that help a business respond to unforeseen events, such as natural disasters, supply chain disruptions, or unexpected financial setbacks. 

Your plan should outline the steps that your business will take in the event of an emergency and should answer (at a minimum) the question “Who does what in the case of a disaster?” 

Who will take charge? Who communicates with staff? Who communicates with suppliers and customers? How often will staff be briefed? Who are the experts that you will contact in the case of each disaster scenario? Roles should be clearly defined so that people can act quickly when the worst happens. 

Also, take the time to identify what you believe to be the most likely type of disaster that you might face. What specific steps might you be able to take to mitigate or prevent it from ever happening in the first place? 

2. Maintain Adequate Insurance Coverage

Since small businesses do not usually hold enormous cash reserves, it is especially important to maintain adequate insurance coverage for the most probable disaster scenarios. These policies should include things like: 

• Liability coverage 
• Property damage coverage 
• Business interruption coverage 
• Data breach costs 

Although it might not be the first type of insurance that comes to mind, business interruption coverage can be an enormous asset. It can help cover lost income and expenses during a disruption. Imagine the peace of knowing that you will be covered for lost revenue when you are in emergency mode, grappling with circumstances that seem to spiral out of your control. 

In addition, cybersecurity insurance has quickly become an essential service. As the cost of the average cyberattack continues to rise, this insurance offers peace of mind and a financial safe haven should the worst occur. Cybersecurity insurance policies can simply cover what you lost to theft, or can cover complex expenses like loss of reputation, remediation of a breach, legal expenses, and loss of revenue. 

3. Diversify Your Revenue Streams

We know that this is one of the most classic risk-mitigation techniques, but there’s a reason that it is such a widely-known principle. Any small businesses that rely on a single product or service puts themselves at great risk should the unexpected happen. Something as simple as a raw material shortage could cripple an organization that finds itself with no alternatives. 

Take the time to consider how you could diversify your revenue stream. What else could you do with any brick-and-mortar locations you have? Could your workforce serve another sector in the event of a sudden slump? Can you identify another type of customer that is unrelated to your current base in the event of a loss of purchasing power in your traditional customer? 

4. Build Strong Relationships with Suppliers

Small businesses with strong relationships with their suppliers ensure a reliable supply chain for themselves. This is particularly important for businesses that rely on one supplier for their products. 

As we saw during the pandemic, a supply-chain disruption can have crippling consequences. In such moments, strong relationships matter. Social capital can mitigate the risk of supplier bankruptcy or supply-chain issues. Make sure that you invest in your supplier relationship just as you invest in your customers. 

5. Keep Cash Reserves

It’s difficult to keep a chunk of money sitting in the bank when you have bills to pay, potential investments to make, and services to roll out, but they are critically important to your resilience. Small businesses should keep cash reserves to help them weather unexpected events—from natural disasters to legal fees. As a general rule of thumb, a small business should keep at least six months' worth of expenses in cash reserves. 

6. Build Strong Outsourcing Relationships 

When business owners try to do everything in-house, they put themselves at higher risk. If a key IT team member quits, the company could face major security issues. If an accountant drops out right before tax season, you can find yourself in serious trouble with the IRS. 

Build strong outsourcing relationships with an IT provider and other critical support services. They can form a critical safety net in rough moments. 

7. Check Your Financials Regularly

You never just rely on your CFO or your accountant to handle all of the financial concerns. Right? 

Small business owners should check their finances regularly to ensure that they are on track to meet their goals and to identify any potential issues early on. 

Business owners and operators should never cease: 

• Tracking income and expenses 
• Reviewing financial statements 
• Opening their books to a financial advisor or auditor 

8. Invest in Technology

Technology can help small businesses prepare for unexpected events. One critical piece of tech that can help you markedly increase your resilience is cloud-based software and data storage that keep your data and digital tools safe off-site—providing redundant copies of your digital assets in separate physical location. 

9. Train Employees for Emergencies

Make sure that everyone knows what to do in the event of an unexpected event. This includes training for natural disasters, cyber-attacks, and other emergencies. Businesses should also have a plan for communicating with employees during an emergency and make sure everyone is aware of the plan. This does not have to be a boring endeavor. Practice often and make it something that the team looks forward to. 

10. Stay Up to Date on Regulatory Requirements

A sudden fine or audit can cause a dramatic disruption to a small business. Make sure that a member of your team is tasked with staying up to date with regulatory requirements and schedule an ongoing check-in period to make sure that everything is up to snuff. This includes tax laws, labor laws, and industry-specific regulations. Non-compliance can result in fines, legal fees, and damage to your business's reputation.