Click to learn more about author Mike Phelan.
For hackers, attacking a faceless enterprise seems like a victimless crime: hold the company’s data for a lucrative ransom payout. For companies, it is more than just the payout. It is lost revenue, reputation, and employee and customer trust – and can result in a total collapse of the business.
With so much of every business depending on technology and the associated data, businesses are a primary and sometimes easy target. Cyber criminals use sophisticated tools to capture and leverage data for ransom, corporate espionage, or even cyber warfare. It’s no surprise that nearly 80% of executives perceive cyber risk as one of their organization’s top concerns.
Over the past couple of years, a lot of energy has gone into preventing these attacks. Increasingly, companies are augmenting their existing disaster recovery (DR) plans with specialized cyber recovery (CR) strategies. With the relentless efforts of cyber criminals, companies have come to realize that it’s not if, but when, they will be attacked, and are investing in cyber resiliency solutions to minimize the damage, recover faster, and avoid costly payouts.
Cyber recovery planning can be complex – but it is crucial. Follow the five steps below to strengthen your cyber recovery strategy.
Go Beyond Disaster Recovery
First, recognize that cyber recovery planning is a specialized scenario that most disaster recovery solutions do not adequately cover. Cyber recovery is needed in order to protect your most essential data, minimize the risk of service disruption, and help your business remain resilient if faced with an attack.
Disaster recovery plans are focused on restoring business and data after an emergency, like floods and fires; the integrity of the data is not in question. A cyberattack requires a different approach because it is the data itself that is at risk, so the plan should include isolating, verifying, and recovering the data. A comprehensive cyber recovery strategy offers peace of mind by protecting a clean copy of mission-critical data to fall back on in the event that other copies are locked or corrupted.
Prioritize Your Data
Understanding what data needs protecting is a critical step, as it will determine how much space and time will be needed for the solution, which drives a lot of the cost. When prioritizing the data, businesses must also consider on-premises and public cloud data.
Today many chief information security officers (CISOs) are expanding budgets for data mapping and data inventory solutions. These solutions help provide visibility into how data flows through microservices and cloud data stores. Mapping data can help a business accurately prioritize the data to protect in the cyber recovery plans.
Leverage Air-Gapped Cyber Recovery Vaults and Immutable Copies
An air-gapped and secure cyber recovery vault provides both physical and logical isolation of critical data, ensuring that cyber criminals cannot get to “known good” copies. An immutable copy ensures no changes can be made to the data. The air-gapped environment can be used to run integrity checks on the data and can be used as an isolated recovery environment (IRE).
Should a cyberattack occur, the business would have a known good, clean, copy for recovery, either back to the data center or an alternate location. This rapid recovery minimizes disruption, allowing the organization to get back to business – with minimal disruption.
Restore Your Data Efficiently
Not all cyber recovery solutions support the same recovery paths. Some support recovering back to your on-premises environment, while others support recovery to a public cloud. A cyber recovery vault enabled for multi-cloud recovery allows you to choose from infinite resources, from across public clouds, for immediate restoration of your data. This multi-cloud approach allows you to choose where to run an application based on what’s most cost-effective, with the best performance, from among multiple commercial cloud platforms.
Remember That You’re Not Alone
As cyber recovery strategies become a standard, a growing number of valuable resources can help your organization. For example, the NIST Cybersecurity Framework provides guidance about identifying data, protecting it, detecting risks, responding to an attack, and recovering from it. Similarly, analyst firm Gartner’s How to Prepare for Ransomware Attacks provides steps for pre- and post-incident care to help guard against the financial and reputational impacts of an attack.
If the mere thought of a cyberattack is keeping you up at night, the reality of one is far worse. Cyber-resilient organizations anticipate the actions of cybercriminals to minimize the very real risks posed to today’s businesses.