When it all Goes Wrong - How to Return to Normal After a Cyberattack
![When it all Goes Wrong - How to Return to Normal After a Cyberattack When it all Goes Wrong - How to Return to Normal After a Cyberattack](https://financialit.net/sites/default/files/brian-spanswick-edited.jpg)
- Brian Spanswick, Chief Information Security Officer at Cohesity
- 25.04.2022 04:00 pm #analytics , A ransomware attack paralyses an organisation, stopping revenue and losing trust. Prevention should incorporate a data recovery platform.
Enterprise IT environments are particularly complex. Increasingly Financial organisations are using a hybrid IT landscape of on-premises and cloud infrastructure, and a growing number now use a multicloud environment. This enables more agile business transformation, but also affords cyberattackers increased options to mount attacks.
Financial companies need to arm themselves because cyberattacks such as ransomware have led to an enormous increase in extortion incidents, combined with the failure of information and production systems and the disruption of operating processes. According to the Allianz Risk Barometer 2021, cyber incidents were among the top three COVID-19 related risks last year. And the “Financial Trend Analysis: Ransomware Trends in Bank Secrecy Act Data Between January 2021 and June 2021” from the U.S. Treasury Financial Crimes Enforcement Network (FinCEN) reports: “In the first six months of 2021, FinCEN identified $590 million in ransomware-related SARs, a 42% increase compared to a total of $416 million for all of 2020. If current trends continue, [suspicious activity reports, or SARs] filed in 2021 are projected to have a higher ransomware-related transaction value than SARs filed in the previous 10 years combined, which would represent a continuing trend of substantial increases in reported year-over-year ransomware activity.”
Billions Are Being Invested in More Security
Security and disaster recovery are now on the White House agenda after several, costly ransomware attacks on American companies, including those from the energy sector and healthcare.
In a meeting with President Biden, business leaders, including those in technology and insurance industries, pledged to invest billions of dollars to improve cybersecurity. Google, for example, plans to pump $10 billion and Microsoft as much as $20 billion into cybersecurity over the next five years. Despite the huge investment into security, prevention needs to go hand in hand with recovery so that an IT disaster does not turn into a business catastrophe.
The IT industry is battling the threat to data and system security on many fronts. To protect applications and data in different environments and meet various service levels at different application tiers, enterprises have historically invested in numerous individual products, each designed for a specific environment or application tier and service level. This fragmented approach, while well intended, leads to unnecessarily complex IT operations and creates higher total cost of ownership (TCO), increased pressure on IT teams, a higher risk to data, and longer downtime.
With the increasing threat to organisations and accompanying near and long term costs, a comprehensive disaster recovery strategy would seem an imperative, yet surprisingly, disaster recovery isn’t a given. A study by cloud hosting firm iLand found only slightly more than half (54%) of organisations have a documented, enterprise-wide disaster recovery plan. And only 50% of organisations bother to test their disaster recovery annually or less frequently, while 7% do not test their disaster recovery at all. Of those that do have a plan, 57% afford the luxury (and expense) of a second on-site data centre solely for disaster recovery purposes. Given the budgetary pressures on IT, this is becoming less cost-effective.
Take Strategic Action Against Increasing Threats
Cloud-based service solutions can save organisations significant sums of money. The unified platform concept helps to quickly return to normal operations in the event of damage. With Backup as a Service and Disaster Recovery as a Service, data can be backed up and restored between in-house data centres or from the data centre to the cloud. It works for heterogeneous environments as well.
Companies need the greatest possible data protection across different environments, application layers and different service levels. At the same time, they need to reduce operational complexity as well as total cost of ownership. Thus, enterprises should rethink their current backup and disaster recovery strategy and ensure that a modern recovery solution is established to complement the backup system.
A disaster recovery solution must:
- Simplify operations by consolidating data and workloads across environments and provide automated DR orchestration
- Automate failover and failback to reduce downtime and data loss
- Reduce total cost of ownership with a unified platform for backup and disaster recovery that can be used on-premises and as a cloud service
Complementing recovery is the need for a viable backup strategy. The challenge is to arrive at a strategy that will return compromised data to an unencrypted point quickly and without major data loss in the event of a disaster.
To do this, organisations should review their current backup strategy by determining where critical data is located, how much there is and whether it’s on premise, in the cloud, or a mixture.
Brian Spanswick is chief information security officer at Cohesity, which radically simplifies data management, making it easy to protect, manage, and derive value from data — across the data centre, edge and cloud.