Floods can wreak havoc on businesses—damaged buildings, lost equipment, disrupted operations. But recovery doesn’t end when the water recedes. In today’s episode of Don’t Be A Sitting Duck, we’re talking about the essential steps every business should take after a flood to get back on track—and how to make sure you’re not overlooking hidden risks, like cybersecurity threats that can sneak in when you least expect them.

Whether you’re dealing with flood damage right now, or just want to be prepared, this is an episode you won’t want to miss.

Initial Recovery – First Things First

The first few hours and days after a flood are critical. Let’s start with the basics:

1. Wellbeing and Safety – Protect yourself, your family, and your staff. Monitor emergency alerts and only return to your premises when authorities say it’s safe. But here’s an often-overlooked step: when you do return, be cautious with your electronic equipment. Water-damaged devices can pose more than just electrical risks—they can also create cybersecurity vulnerabilities if powered on or connected to your network without proper checks.
2. Assessing the Impact – Once it’s safe, document everything. Take photos or videos of the damage for insurance claims, and start logging your decisions. But don’t forget—this is also a good time to assess your digital assets. Are your backups intact? Was any sensitive data stored on damaged equipment? It’s easy to overlook these things when you’re focused on the physical clean-up, but trust me, they’re just as important.

Cleaning Up After a Flood – Avoiding More Than Just Physical Hazards

Next up: the clean-up phase. Before you roll up your sleeves, here are a few key steps:

Contact Your Landlord and Insurer – Before starting any clean-up, get in touch with your landlord and insurer. Some policies cover clean-up costs or require approval before you begin repairs. But here’s where cyber threats can sneak in: be wary of phishing emails pretending to be from your insurer. After a disaster, scammers know businesses are vulnerable. If you get unexpected emails asking for personal details or urgent payments, double-check their authenticity.

Safety First During Clean-Up – Wear protective clothing, secure undamaged stock to prevent theft, and ensure food and water safety. But also think about securing your digital assets. If your premises were accessible during the flood, could sensitive files have been compromised? It’s a good time to change passwords and audit access to critical systems just in case.

Contact Utility Providers – Power, water, and internet reconnections take time. When it comes to your IT systems, never reconnect equipment without a professional assessment. A water-damaged server isn’t just a fire hazard—it can introduce malware or corrupted data into your network if mishandled.

Financial Recovery & Re-establishing Your Business

Once the immediate danger has passed and clean-up is underway, it’s time to think about recovery.

Insurance Claims – Lodge claims as soon as possible, even if you don’t have the full damage assessment yet. Keep detailed records of everything—equipment, stock, and even digital data losses. If you had to throw away a server or laptop, document it thoroughly. Data loss can be covered under some business interruption policies, especially if it affected operations.

Contact Your Bank – Discuss financial hardship options like deferring loan repayments or waiving fees. But while you’re securing your financial health, don’t forget your digital security. Floods can disrupt normal operations, and scammers know this. Keep an eye out for suspicious activity on your business accounts or unexpected password reset requests—it could signal a compromised account.

Re-establish Your Business – Review your business continuity plan and start replacing destroyed equipment. But here’s a crucial cybersecurity tip—before reinstalling any software or reconnecting to the internet, ensure your systems are scanned and secure. This is where having a cybersecurity partner like Empower SHIELD can make a huge difference, ensuring you’re not reintroducing hidden threats into your network.

Recovering from a flood isn’t easy, and while the physical damage is clear, the digital risks often fly under the radar. Taking steps to secure your business’s cybersecurity is just as important as cleaning up the mess left behind.

If you want to learn more about protecting your business from cyber threats, even in the face of natural disasters, visit sittingduck.com.au. Because when it comes to cybersecurity, the last thing you want is to be a sitting duck.”

Thanks for tuning in to Don’t Be A Sitting Duck! Stay safe, stay secure, and we’ll catch you in the next episode.