Prepare to fail is probably the best advice I can give you.
Think of it as almost guaranteed.
It changes your perspective from, ‘what if’ to ‘when’.
And allows you to plan ahead.
It’s how we approach online security.
That all of the work you are doing, will one day be in vain.
A new bug will be discovered; a new virus will be launched upon the world; someone’s laptop will be stolen while they are logged into your back-end system.
And so we plan ahead.
– Are the backups up to date?
– When were they last tested? Did they work?
– How quickly can everything be restored?
– What is the order for restoring different systems?
– What regulatory bodies are we under, and what do they require?
– Will we need someone involved for legal affairs, public relations, dealing with a regulator?
Plan ahead now, even a rough one, and you will come out much better when (not if!) the next security crisis hits.