Are the 4 Fundamentals of Cyber Resilience Enough?

In this blog, we’re going to discuss the importance of cyber resilience in challenging times. But fair warning, things aren’t about to get any easier. There are vital fundamentals that we can use to protect our IT landscapes, but are these enough? Or is it a case of evolving or dying a death?

 

Bad news first…

It’s an emerging trend. Traditional cyber-security measures aren’t enough anymore. Protecting organisations from the spate of persistent attacks feels like an unmanageable task.

In our last blog, we spoke about the growing number of cyber-attacks in 2021. And, we took a look at some of the major attacks over the last year. In a word, ransomware attacks alone are accelerating, fast. Both in pace and complexity. Let’s take a look at some statistics.

 

  • In 2020, the average business cost of a cyberattack is $3.86 million and it takes over 200 days to detect the breach. (IBM)
  • Ransomware attacks cost businesses an estimated $20 billion in 2020, having grown by over 50 times since 2015. (Cybersecurity Ventures)
  • There will be nearly 3.5 million open cybersecurity jobs waiting to be filled this year, with over 500,000 open positions in the United States alone. (Net Sparker)
  • 68% of business leaders felt the risk of a cyberattack increasing. (Accenture)

 

If you’re in the right job, these numbers won’t come as a surprise to you. But we implore you to ask yourself, ‘what am I doing about it?’. You might not have a clear answer. You might have a strategy that you’re yet to find time to execute (FYI, using Predatar can save a whopping 62% of your time. Fancy that? Find out more here).

But we digress. You may have a well-thought-out and constructed plan. Good for you. But this article might make you think again about how you’ve formulated that plan.

 

How many?!

There are endless ways a cyber-attack can present itself. But the top 3 types of cyber-attacks that cause mass disruption and cost are as follows:

 

Social Engineering

A manipulation technique that exploits human error to gain private information, access, or valuables. You could call it ‘human hacking’.

 

Ransomware

Yep, it’s the big one. We probably don’t need to remind you, but ransomware is a type of malware. The malware is used to infect a computer network, gain access to critical data, and then hold that data to ransom for a sky-high sum.

 

DDoS

A Distributed Denial of Service is a malicious network attack where hackers overwhelm a website with false traffic or requests.

 

The Good News

Cyber resiliency powers and accelerates business value. It helps enterprises prepare for, respond to and recover from cyber threats. Meaning, they can thrive in the face of adverse conditions.

The concept of cyber resilience is underpinned by the assumption that cyber-criminals will break down any network defenses intended to stop them. It’s a dismal outlook, we know. But it’s worth the strategy it fosters.

As part of a strategy, the following key components are fundamental in your planning. They will form your baseline plan.

 

  1. Encryption
  2. Immutability
  3. 3rd Copies
  4. Airgaps

 

Now, let’s go back to that all-important question: ‘what am I doing about it?’. We’re guessing that one or two of these things might have popped into your head when we asked you. But we’re here to tell you, these fundamentals aren’t enough.

Having these things can’t guarantee that your business, data, and infrastructure are protected. You’ll need to be able to answer the following questions for a robust cyber resiliency strategy.

 

  • How do you ensure your backups will recover?
  • How do ensure those backups are clean?
  • How do you recover fast to a clean environment?

 

The answer therein lies in Recovery Orchestration. This technology allows you to automatically detect an intrusion and recover from it at the drop of a hat.

Having a strategy that includes recovery orchestration will help your business to:

 

Step up automatic tests

You’ll be able to make the most of intelligent automation and continuously test your backups, 24/7. You can also search for high-risk systems and prioritise accordingly.

 

Work out what’s infected

With ransomware recovery in place, you’ll have minimised your data loss and downtime. Ransomware Recovery Orchestration workflows will automatically search through your systems to find the newest backup that shows no signs of infection.

 

Put your systems into quarantine

In the event of an attack, you can protect the latest unaffected version of your data by isolating it in a safe place, either on-premise or in the cloud. Quarantining your data will allow you to assess your systems.

 

Check all your data is clean

Now your data is out of harm’s way, ransomware orchestration will automatically run all the necessary checks for you. It’ll scan through your backups to ensure all your data is completely clean.

 

Bring everything back

Once your systems have got the all-clear, you can instantly recover individual nodes or restore everything in one go. You can automate putting what you need back into your live environment.

 

Then, you’re good to go!

 

Predatar is at the forefront of disaster recovery automation and works intelligently with IBM Spectrum Protect. With Predatar on your side, you should never need to pay a ransom or lose your critical data. Use intelligent automation to maintain best practices and protect your business against data disasters. Contact us to find out more, or see for yourself how much money we could save you by using our online savings calculator.

 

 

Article By Nile Zahran | Head of Product Innovation