From malware, intellectual property theft and phishing to full-scale ransomware attacks — no company is immune to cyberattacks. There has been a precipitous rise in ransomware attacks. Reports of cybercrime have come from government organizations, healthcare, technology companies, banks, nonprofits, educational institutions and many others. The threat is real for every profession, industry, company and country.
Cybercriminals are constantly finding sophisticated ways to breach sensitive data and at the same time, threat detection against increasingly frequent cyberattacks has become more challenging. Cybersecurity Ventures predicts ransomware will cost its victims more approximately $265 billion (USD) annually by 2031, with a new attack every 2 seconds as hackers increasingly refine their malware payloads and extortion demands.
Even those numbers are conservative estimates, given that the recently released 2022 update to the Verizon Data Breach Investigations Report (DBIR) found that the number of ransomware attacks increased by 13 percent between 2020 and 2021 — more than in the last five years combined.
Human error was responsible for 82 percent of attacks analyzed during 2021, according to the DBIR, with 25 percent of breaches caused by social engineering attacks.
Addressing this ‘alarming’ data and defending refined cyberattacks requires more than just a traditional business continuity and disaster recovery plan. Chief Information Officers (CIOs) must focus on resilience — not just to protect IT infrastructure and applications, but also to counter unexpected disruptions and escalating attacks while recovering valuable business data.
As data is the foundation of the digital economy and the threats against this vital asset are immense, the interplay of cyber resilience demands an integrated approach to identify, protect, detect, respond to and recover from cyberattacks.
Certainly, the surge in cyberattacks demands a proactive, rather than a reactive approach to security awareness, resilience and training to overcome disruptive cyber incidents. A unified understanding is needed to establish a resilience plan that parallels digital transformation efforts.
The struggle to strengthen business-critical application security
According to the IDC security spending guide, worldwide security spending is forecast to grow at a rate of 9.4% over the 2020-2025 period, reaching a total size of US$189 billion in 2024, from the base of US$131 billion in 2020.
Traditional business continuity and disaster recovery approaches focus on recovering applications and systems, but not the critical data they might hold. Organizational complexities prevent these approaches from identifying all the critical data and executing a coordinated response.
Anand Swamy, SVP, Tech OEM Ecosystems at HCLTech, comments: “Cross-functional business diversification across different industries always poses challenges to developing unified resilience strategies regarding technologies, platforms, tools, people and regulatory requirements.”
“Businesses may or may not have a complete view of their sensitive data across systems and infrastructure,” he adds.
Responding to this challenge, HCLTech and Dell Technologies collaborated to develop a unique cyber resiliency service that offers a strategic protocol to identify the business-critical applications, infrastructure and its interdependencies.
Renju Verghese, Chief Fellow and Architect from Cyber Practice at HCLTech, continues: “The need to establish, incorporate and execute on a well-defined business resilience plan is required to maximize business continuity with the lowest recovery time objective (RTO), while maintaining the highest security standards in protecting an organizations’ critical business systems and data”.
Jim Clancy, Senior Vice President, Data Protection Services, Dell Technologies adds: “Our cyber recovery solution offers an operationally air-gapped cyber vault for storing and recovering critical data. The vault is separate from the network for stronger protection. Rather than recovering data directly into production, data can be tested outside the system during the recovery process. Having a vaulted clean copy of your critical data to recover from is a must have as part of a cyber-resilience strategy. Dell Power Protect Cyber Recovery provides proven, modern and intelligent protection to isolate critical data, identify suspicious activity and accelerate data recovery allowing you to quickly resume normal business operations with known clean data.”
Technologies for creating a cyber-resilient environment
Given the recent headlines, cyber recovery is the key enabler of cyber resilience. As businesses commonly have data spread across on-premises, public cloud and repositories, it’s crucial to focus on increasing the ability to recover from cyberattacks through technologies, processes and strategies in cyber resilience planning. Below are some of the latest technologies and solutions provided by service providers to mitigate risks, meet business requirements and develop robust cyber resilience strategies.
Automation is a defining element of the modern cyber resilience approach. With automated backup, reporting and alerts, businesses can optimize IT operations, diagnose issues, prevent operational risks and reduce downtime as much as possible. Automation accelerates restoration times and minimizes recovery errors.
Air-gapped backups isolate and detach target storage volumes from unsecure networks, production environments and host platforms. In this advanced data protection feature, air-gapped volumes are “turned-off” by default and are inaccessible to applications, databases, users and workloads running on the production environment.
Zero trust follows the motto ‘never trust, always verify’. The framework ensures that all users authenticate themselves before they get access to an organization’s data or application. Zero Trust doesn’t assume that users inside the network are more trustworthy than others and enables stricter scrutiny of all users, resulting in an enhanced information security standard.
Extended detection and response (XDR) detects and responds to security threats and incidents across endpoints, networks and cloud, while making connections between data in siloed locations. This advanced cybersecurity technology analyzes threats from a higher, automated level and can help minimize current and future data breaches across an organization's entire ecosystem of assets.
Defensive A.I./ML based security tools help defend against offensive A.I and adversarial machine learning that measure, test and learn how the network functions and tricks machines into malfunctioning. As offensive A.I. is more difficult to detect by traditional cybersecurity tools, defensive A.I. can strengthen algorithms and conduct more stringent vulnerability tests.
To learn more about HCLTech’s cyber resiliency initiative with Dell Technologies, click here.