• Office of the Comptroller

What’s Your Plan B?

With ransomware attacks on the rise, part of updating your Incident Response, Business Continuity, and Disaster Recovery Plans is working with staff to identify a “Plan B” if critical systems are taken off-line. Below is a five-step plan that you can implement now, using the internal control plans you already have in place:

  1. Identify your critical tasks.

  2. Identify the networks, systems, third party software and other entities that you depend on to achieve your critical tasks.

  3. Develop processes and workarounds to manage these critical tasks without email and technology at each step of the process.

  4. Test and retest these processes to identify risks and weaknesses, and continue training staff on cyber awareness.

  5. Update your Incident Response, Business Continuity and Disaster Recovery Plans with your Plan B processes.

Developing and testing your Plan B can greatly improve risk assessments across the enterprise, and improve security at each step to reduce the chances of a cyber incident.


See our Cyber Center for additional resources and links for cyber alerts, and contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks.


cybersecurity tip header image

7 views0 comments