Building cyber resilience to recover quickly, at scale
Cyber resilience should be approached as a new discipline which incorporates data security, data protection and data governance in an integrated and holistic way.
This is according to speakers at a webinar on cyber resiliency and data protection, hosted by Veritas Technologies in partnership with ITWeb.
Johnny Karam, VP for Emerging Markets at Veritas Technologies, said: “We receive a lot of calls from non-Veritas customers struggling to recover after a cyber attack, and we see one thing they have in common is that their data grew into multiple different environments, and they ended up with disparate backups. This makes it extremely complicated to recover fast and at scale. We solve this problem by having one platform, with one set of policies applied wherever the data resides.”
Karam cited recent Veritas research, saying it was ‘eye-opening’ on multiple levels. “Among other things, we found 38% of IT executives report that downtime after an attack is five days or longer. Not only was there downtime, but there was also data loss - up to 20% of the data impacted in the attack may be unrecoverable,” he said.
...38% of IT executives report that downtime after an attack is five days or longer.
The research also found that 46% of respondents still see data security as the biggest risk, 65% have suffered a successful ransomware attack in the past two years, and only 39% reported the attack publicly. 48% had experienced data loss in the past two years.
On compliance, 18% said they were not fully compliant with national or regional regulations, and 24% had to pay compliance fines in the past year. Karam noted that the average compliance fine had increased by 117% over the past year, topping $336,000.
“One factor driving increased risk is digitalisation, which makes the attack surface larger,” Karam said. “More complexity is being created with more workloads, as well as the use of microservices and multiple cloud platforms. However, the skills needed to manage these environments aren’t keeping up. This is making automation more important.”
Build resilience before attacks occur
Peter Grimmond, Head of Technology, International at Veritas, said: “Organisations need to think differently about the way they protect environments and approach cyber resilience. They must combine information security and business continuity mindsets, considering how to prepare for what should be done before, during and after an attack.”
Grimmond said that organisations should build resilience before attacks occur, with comprehensive data inventories, mapped out to understand dependencies.
[Organisations] must combine information security and business continuity mindsets, considering how to prepare for what should be done before, during and after an attack.
“Then you can think about the recovery requirements for data and services, and move to protecting your data, thinking about the recovery window and build protection strategies aligned with this. You also need to assess your security position and harden your infrastructure. Importantly, you must have an isolated copy of your critical data, which is immutable and has a separate set of access controls. The 3-2-1-1 principle says organisations should have three copies of data on two different media types, one copy of which should be kept off site, and at least one copy should be immutable,” he said.
Grimmond advised that organisations build their ability to observe and detect threats during an attack, with tamperproof production data and impact analysis.
“After an attack, you need good forensics capabilities, and an isolated recovery environment with separate access controls so that you can be confident the recovery is clean. In this way, you will be in a position to quickly recover to production – at scale,” he said.
Outlining Veritas’s broad cyber resilience portfolio, Grimmond said: “Our approach is to enable cyber resilience with data security, data protection and data governance capabilities. We deliver 360-degree defence, with heterogeneous asset inventory, data posture management, behavioural anomaly detection, multi-tiered data classification, end user sentiment analysis, multi-layered immutability, pull-based recovery environment and extensible orchestrated recovery.
We offer a tamperproof and resilient platform, secure by design and default.
"We also partner with leading companies to deliver a full suite of resilience capabilities, with all the integrated solutions tested in the Veritas REDLab.
“The breadth of our portfolio delivers a broad data management platform that enables cyber resilience across all the platforms organisations use. This helps reduce the complexity of managing data, the risk and the costs involved. We offer a tamperproof and resilient platform, secure by design and default. Veritas is cloud native with flexible consumption options, unified management and integration. On top of that, we apply intelligence with dynamic and AI-driven technology.”