Banks like ours dedicate a significant amount of time and energy to ensure our networks and services are resilient and always available. Financial institutions are regulated and have to adhere to standards most businesses don’t, and also participate in peer collaboration platforms to share best practices much more frequently than other industries. Financial institutions serve as critical pillars of economic stability, managing not only the assets of individuals and businesses, but also the flow of transactions that keep local and global economies functioning. Making sure we’re always on is a high priority, and sharing the knowledge we’ve acquired through the years to help strengthen your practices is the focus of this blog post.
Effective continuity strategies ensure the systems you rely on remain accessible, position your business for rapid recovery after disruptions, and most importantly keep things running as close to normal no matter what catastrophic situation occurs. Hope for the best, plan for the worst and always fail safe.
Every September, National Preparedness Month serves as a timely call to action for everyone to evaluate and enhance readiness strategies for emergencies and unplanned disruptions. The initiative is sponsored by the Federal Emergency Management Agency (FEMA) to remind individuals and communities to take steps to prepare for unexpected emergencies before they happen. This year’s National Preparedness Month theme is Preparedness Starts at Home. Our community is no stranger to natural disaster, and if you’re interested in learning more about how to navigate the recovery process after the disaster, we recently hosted a podcast and published a blog with insights from local residents and insurance agents.
While “preparedness at home” is the focus of this year’s Ready.gov campaign, businesses also benefit from taking steps to prepare for potential natural disasters or cybersecurity incidents. For businesses, September is not just an opportunity to revisit crisis plans, but to foster a culture of resilience, ensure employee safety, and maintain operational continuity in the face of the unexpected. Below, we explore actionable steps businesses can take during National Preparedness Month.
Begin September by initiating a comprehensive review of your organization’s emergency response and business continuity plans. This should include:
You can obtain a disaster preparedness plan template from Ready.gov to assist in managing a business disruption. Learn more about how to put together and test a business continuity plan with training videos, also available through Ready.gov’s continuity plan resources.
The FCC also offers the Small Biz Cyber Planner 2.0, an online resource to help small businesses create customized cybersecurity plans. You can use this tool to create and save a custom cyber security plan for your company.
Once your plans are built, centralize your preparedness documents on a dedicated site in the event you don’t have access to your business location. Use version control features to keep track of plan revisions and ensure all employees have access to the most current information. Create distinct folders for policies, floor plans, communication trees, and response checklists. Ensure you post floor plans in buildings that include visible escape routes for evacuation purposes.
September is an ideal time to schedule training sessions and drills that familiarize staff with emergency procedures. These can include:
Host training materials, instructional videos, and schedules on an internal site that is easily accessible to your team. Provide links to sign-up forms, feedback surveys, and post-training quizzes. Enable discussion threads or Q&A forums for staff to ask questions or share reflections. At American Riviera Bank, we perform quarterly call tree testing using an automated solution. Often times, we use a “poll” to get an response to the question to increase engagement. If a text or phone call is undeliverable, we know to follow up with the employee to obtain current information.
Consider holding a staff meeting to conduct a simulation of a potential cybersecurity incident, known as tabletop exercises. Send calendar invites for training events, reminders as the dates approach, and follow-up emails with post-training materials or feedback requests. The Cybersecurity & Infrastructure Security Agency (CISA) provides excellent tips on Cyber Guidance for Small Businesses. You can also download CISA’s tips and scenarios for performing your own tabletop exercise here on their website.
National Preparedness Month is most effective when everyone is engaged. Consider running a themed communication campaign throughout September:
Post articles, graphics, and quick polls to gauge preparedness levels. Leverage resources and toolkits from Ready.gov on disasters including earthquakes, power outages, and extreme weather to schedule out a series of visually engaging emails with tips, resources, and challenges to drive participation and keep preparedness top of mind to lessen the financial impact of disasters and reopen your business quickly.
A common challenge in emergencies is locating essential documents and contact information quickly.
Set up “quick links” to high-priority resources on your company intranet page, and/or use a mobile app for access during off-site emergencies. Circulate reminders about where to find critical documents and how to request access if needed. Provide guidance on what information should be kept backed up offline as well.
The Small Business Administration (SBA) also maintains resources for businesses to anticipate disasters and improve infrastructures to ensure resiliency, including recommendations to fortify buildings against severe weather or to elevate utilities and electrical systems to protect against flooding. SBA programs are also available to help your business after a disaster. Bookmark SBA.gov/disaster to learn more about how SBA offers low-interest disaster loans to homeowners, renters, businesses, and most non-profits who have been impacted by declared disasters.
Preparedness is not a one-way street. Encourage employees to share ideas, raise concerns, and report potential hazards.
Invite feedback and questions via dedicated inboxes and periodically summarize and address common themes in company-wide messages.
Today’s workforce may be distributed across multiple sites or working remotely. Your preparedness plans should reflect this reality.
Provide cloud-based access to all preparedness resources. Update remote work guidelines and procedures as living documents. Notify all teams of remote-specific emergency protocols and confirm that all staff have up-to-date contact details for their managers and IT support.
Disasters aren’t always physical—cyber threats can be just as disruptive. According to the 2023 Verizon Data Breach Investigations Report, more than 40% of small businesses in the United States have experienced a loss due to a cyber-attack, underscoring the importance of robust cybersecurity measures and ongoing employee awareness training. Integrating these statistics into preparedness communications can help emphasize the real-world risks and the need for proactive defenses. (Source: Verizon Data Breach Investigations Report, 2023)
Store cybersecurity guidelines, incident response steps, and IT emergency contacts in a secure library, with restricted access as appropriate. Send periodic cybersecurity alerts, tip sheets, and reminders to keep vigilance high throughout National Preparedness Month, and in the month that follows for National Cybersecurity Awareness Month.
Your suppliers and partners are part of your extended preparedness network.
Maintain a vendor management library with all contracts, Service Level Agreements (SLAs), and preparedness documentation to allow you to operate in an offline environment in the event access to your network is interrupted. Coordinate preparedness check-ins with key partners and distribute requirements via email to ensure alignment.
Preparedness is an ongoing process. Dedicate time during September to:
Distribute results and next steps to all relevant stakeholders and ensure deadlines for improvements are clearly communicated.
National Preparedness Month offers businesses a structured opportunity to move beyond compliance and foster a true culture of readiness. By strategically centralizing information and leveraging the power of targeted employee communications, organizations can ensure that all employees are informed, involved, and empowered to respond to emergencies. As we can attest to at American Riviera Bank, the investments made in September can pay dividends for years to come—protecting your people, your clients and your operations, and your reputation no matter what challenges arise.
For more tips on keeping your business resilient year-round, read our blog on how spring cleaning your digital services is a crucial step in preventing cybersecurity attacks.
Previous: Introducing LegacyKit from Carefull Next: Lights, Camera, Save!