The San Francisco 49ers. Cisco. CommonSpirit Health. The Los Angeles Unified School District.
What do these private, nonprofit, and public sector organizations have in common?
All were impacted by costly ransomware attacks in 2022.
Ransomware has been accelerating, and no business or organization—from the smallest to the largest—is immune to threats from malicious hackers. With data resilience in your cybersecurity strategy, you are better prepared for the tenacity of modern cyber-attacks.
Your day-to-day operations, protection of customer data, and brand reputation rely upon data protection and security that takes a “not if, but when” stance—and enables data restoration when a breach almost inevitably takes place.
“We have to assume everyone will be attacked. And if we all agree that bad actors are going to access your networks, then you need your most critical data encrypted and non-accessible.”
– Jeremy Lombardo, President, CyberNorth
Here are four critical steps to take so that your organization becomes data resilient and ready for today’s threats as soon as possible.
GET—AND SUSTAIN—SUPPORT FROM LEADERSHIP.
The cybersecurity buck doesn’t stop with an organization’s chief information security officer (CISO) alone. The responsibility for establishing and maintaining data resiliency rests with leaders across your organization from the chief executive officer to division leaders through branch office managers.
But before they can establish defensive measures and prioritize data resiliency, busy executives need to fully understand the risks, the threat landscape, and how security strategy costs compare to the cost of attacks. A 2021 survey of executives by (ISC)2 found that they want more details from their cybersecurity teams about critical investments needed to boost data protection, how those investments will improve security, and timely updates on the impact of ransomware attacks.
To accelerate your organization’s journey to greater data resiliency, start by increasing communication about the current threat landscape and the measures that support business and operational continuity.
IDENTIFY YOUR CYBERSECURITY GAPS.
Cybersecurity gaps differ between organizations. Before you can correct them, you need to understand where the greatest gaps are in your enterprise. Common security shortfalls include:
- Employees lacking up-to-date cybersecurity training
- Outdated, unsupported, and unpatched software
- Complex networks and widespread, unsecured endpoints
- Unclear or outdated security policies and cyber-attack response planning
- Not enough cybersecurity personnel to manage cyber detection and response
- Lack of technology support for breach detection, security monitoring, and data backup and recovery
To find security gaps, begin with an organization-wide audit of your security training programs and policies, software update and patching schedules, and your incident response plans. Also, review technology solutions that reduce vulnerable attack surfaces, monitor your full IT infrastructure for anomalies, automate data backups, and enable rapid restoration of data across your cloud and on-premise environments.
UPDATE YOUR DATA ISOLATION, BACKUP, AND RECOVERY STRATEGY WITH AIR GAPPING.
Cyber attackers never rest—and their strategies are constantly evolving. Your protection strategies need to evolve and change too. The traditional 3-2-1 backup and recovery strategy (3 data copies, 2 different media, 1 off-site) remains critical for data protection. But relying on offsite magnetic tapes for air gapping lacks the recovery agility and speed companies need to prevent unplanned business downtime, which is costly to organizations of every size and in every industry.
The modern air gap is virtual and harnesses the agility of the cloud so companies can recover data faster, have greater control over what data to recover, and where in your IT architecture to restore the data—whether that’s in the cloud, to your on-prem database, or across a hybrid environment.
Features of air gapping for greater data resilience and business continuity include:
- A secure, temporary network that is cut off after vaulting
- Multiple layers of tamper resistance, including data-at-rest and data-in-flight encryption and immutability
- Tight access controls and quorum-based authorization
- Customizable protection policies to meet unique business needs and industry-specific regulatory requirements
- Simplicity and automation, so data backup, air gapping, and recovery don’t add new layers of operational complexity
CLARIFY YOUR DATA RECOVERY GOALS.
Finally, having all of your critical data at the ready for rapid recovery is cost prohibitive. You need to take a full inventory of your business data and categorize it according to recovery objectives. This will vary between companies.
Some organizations may simply have a mission-critical data category that requires rapid recovery to ensure continuity of day-to-day operations—plus a secondary bucket of data that won’t halt operations if recovery is slower.
Other companies will have a larger number of categories, such as financial services and healthcare institutions that have abundant sensitive data about customers or organizations with proprietary data.
Next, you’ll assess the risk and impact of a breach on your various data categories and set clear recovery objectives related to recovery time, data types, geographic region, and acceptable data loss.
Ransomware is an inconvenient reality for all modern businesses and clear-eyed, technology-supported preparedness is the best strategy.
Learn how CyberNorth partners with Cohesity to deliver modern air-gap solutions to protect your mission-critical data—while establishing data resilience that’s ready for today’s tenacious hackers and tomorrow’s unknown cyber risks.