Click to learn more about author Hal Lonas.
Data protection, including backup and disaster recovery, and security in general are topics that have been top-of-mind with media over the past few years. But as we move into a new decade, businesses will need to have an understanding of how all of these technologies work together if they are to be successful. As we open the door to 2020, we will see the intrinsic need for IT resiliency – the bringing together of disciplines that will protect the most valuable assets of a company: its data.
According to the 2019 threat report by Webroot, a Carbonite company, we are facing evolving challenges, such as targeted ransomware, the increase of malicious IP addresses, and 220% more phishing sites. With this in mind, organizations need to look beyond mere prevention and opt for a holistic data protection approach:
- Transform the Cloud for Real Protection
More organizations now trust the cloud to be available and secure and to meet their business needs. Throughout 2020, we will continue to see the Moore’s Law effect. Network and storage costs will go down so that businesses can continue to reduce their on-premise footprint.
There also will be an evolution towards a common abstraction layer for interaction with cloud services. Similar to software-defined networking (SDN), software defined cloud-as-a-service will be lucrative. Since customers will not be tied to one vendor, they will be able to easily move between clouds (while also more easily spreading risk between those clouds), migrate data across clouds, and future-proof their investments.
Businesses will start by adopting more general cloud services or using disaster recovery-as-a-service (DRaaS). The key will be folding cybersecurity services into these more cloud-oriented solutions for a full resiliency plan in the event of a ransomware attack or natural disaster.
- Meet the Cyber Resiliency Bar
The world is changing, and so are the threats organizations are facing. 2020 will be the year of cyber resiliency, as enterprises start to realize the need to prevent, defend, and recover efficiently to not only stay secure, but to remain competitive. Organizations will need to take a multifaceted approach to achieve this. Setting different security layers, such as detection and prevention, as well as backup and recovery, will make for a solid defense.
For a complete, well-rounded security setting, organizations of all sizes need to start with a detection and prevention system. A strong perimeter is key to identifying and mitigating ongoing attacks and unauthorized access attempts on the system. As threats continue to evolve, detection in a timely manner becomes paramount.
The next step is a backup plan that will support a rapid recovery. In the case of infected data, a backup plan with versioning capabilities will allow businesses to roll their systems back to previous, non-infected data or files and recover them while minimizing downtime. It’s also important for businesses to keep in mind that we are not only fighting outside threats. Backup and disaster recovery plans also ensure continuity when non-malicious attacks happen, such as accidental deletions or natural disasters.
It is critical to rely on a failover plan, as it will enable operations in the cloud while the primary systems are being addressed.
- Start Transversal Education Now
We have heard time and again how employees are often the weakest link when it comes to the security of an organization, and this remains true. Companies have spent much time and effort fortifying data centers, but employees still receive thousands of emails, files, and messages a day, many of which contain malicious links or attachments. Employees’ lack of understanding around the risks of weak and reused passwords or unauthorized application installations, as well as the difficulty they have in recognizing threats like phishing, are an ever-increasing danger for businesses.
As we move through this new year – and new decade – we will see an increased need to address such vulnerabilities. From implementing new technologies, to fostering cyber-smart education, to integrated approaches, it will be a top priority to defend that first barrier between the company and the broader internet.
Arming employees with the knowledge and tools to effectively protect the organization and its data will improve and consolidate the security plan of the organization.
Threats and technology are evolving together, with both areas trying to stay one step ahead. In 2020, we will bear witness to a new concept of security, with a unified approach that brings together security and data protection into a resiliency practice within organizations. This new decade will start with a new level of education and far more demand for security solutions that encompass the need for protecting and being able to recover business-critical data.