When your Vendor Faces a Cybersecurity Crisis
Friday | October 6, 2023

By Stephanie Harbrecht

In today’s cooperative landscape, we rely heavily on a network of vendors and suppliers to operate efficiently. But through this network we can and do open ourselves up to vulnerabilities like cyber threats. When a vendor you work with falls victim to a cyberattack, it’s essential to take immediate and strategic action to protect your business, assets, and the members you serve.  

Electric utilities, critical infrastructure, and the vendors we use are a top target of most cyberattacks, so it is crucial to have policies, plans, and communication strategies in place. So, what do you do WHEN, not IF, this happens?

First, assess the impact on your operations.  

The first and immediate step you should take is to gather as much information as possible about the attack. Your vendor should be very transparent about what has happened; if not, be prepared with the following questions:

  1. What is/was the extent of the attack?
  2. What systems were impacted?
  3. How long were the threat actors hidden?
  4. Do they have logs of the threat actors in their network?
  5. What specific data was compromised? Was it data of the vendor or of their customers (you)?
  6. What are their plans for recovery?
  7. What is their communication plan? 

Then, enhance your own cybersecurity.

A vendor’s ransomware attack should serve as a wake-up call to reinforce and review your own cybersecurity measures. Take this opportunity to review your policies, practices, and backups, ensuring they are up-to-date and robust. Implement multi-layered security solutions and regular security audits (internal and external), and educate your employees about the latest cyber threats and best practices. Cyber and information security is an ongoing effort and everyone’s job, and staying proactive is key to protecting your cooperative.

Finally, develop a contingency plan. 

It is known that a cyberattack happens roughly once every 39 seconds. It is essential to have a well-defined contingency plan in place. We all know the value and importance of our safety plans; your cyber and information security plans should be an equal priority. Your plan should include an outline of how your organization will respond in the event of disruptions caused by a vendor’s cybersecurity incident. It is essential to have your backups tested and ready to call on if needed and to have a clear communication plan and an alternative channel to keep your members informed. It is also recommended that you have backup relationships with alternative vendors or suppliers to maintain business continuity.

A vendor’s ransomware attack can have far-reaching consequences for your cooperative – financial, reputational, and potentially legal. By immediately assessing the situation, maintaining clear and open communications with your vendors, enhancing your own cybersecurity, and developing a comprehensive contingency plan, you can minimize your potential damage and ensure your cooperative is able to keep the lights on and your members informed in the face of any challenge.

BrilliT is a wholly-owned subsidiary of Rappahannock Electric Cooperative and was created to help co-ops tackle the cybersecurity and IT challenges of today's constantly evolving digital world. 

About the Author
Stephanie Harbrecht leads BrilliT with 15+ years of experience in the electric cooperative industry. During her career she has consulted with statewide associations on educational programs, strategized and consulted with industry leading organizations on their co-op market engagement plans, and developed and implemented a national multi-million-dollar vendor membership and experiential marketing program.

The BrilliT team is here to help, and we look forward to serving as your data analytics, cybersecurity, and IT experts. Reach out to us with questions.
