Re: Security and the weakest link?
Might have had backups - but were they tested? Did staff know how to restore them?
I have asked this of a supplier recently after a malware attack, I got no reply, so I escalated it to his boss. Turns out the guy "in charge of the backups" quit a couple of years ago and nobody was assigned the tasks he had, so backups had not been working for some time and nobody knew where the restore keys were kept for older backups.
Fortunately they hadn't been hit by an attack, but if I hadn't queried it, how long would have it gone on for? Yes the staff should have figured this out themselves, but we have managers.. to manage.