Cyber-attacks are a pressing concern for businesses in the age of rapid digital transformation. These attacks are growing, in terms of complexity and frequency, with criminal groups and state-backed actors representing a large chunk of the online threats. JBS – one of the world’s largest meat processors – was hacked on May 30, 2021 crippling its servers and leading to shutdown of all of its production plants in the US. On June 9, the company paid a ransom of $11 million in bitcoins to Russian-based hacker group REvil, following which most of its facilities were back up and running. With rising geopolitical complexities, such attacks are likely to grow. So institutions, both state and corporate, must be prepared. Cyber resilience is the need of the hour. It requires a combination of proactive and reactive strategies that not only provide protection, but also ensure business continuity.
The cost of progress
With digitization and a growing number of companies expanding their online presence, the collection and storage of data has witnessed exponential growth. According to an IDC Survey, the enterprise data collection is expected to increase at an annual growth rate of 42.2% for the next couple of years.
So, along with its benefits, digitization has also created new risks and points of vulnerability. Malware and ransomware attacks have cost companies dearly and led to long-term damages. Ransomware attacks, in particular, have grabbed headlines with their high-profile targets such as the May 7, 2021 attack on Colonial Pipeline by the hacking group, DarkSide. The attack targeted the company’s computerized equipment that directly managed the pipeline. Colonial was forced to halt operations and had to pay a ransom of 75 bitcoins, equivalent to $4.3 million. Computer giant Acer was also the target of a cyber-attack in March 2021, with the attackers demanding a record ransom of $50 million for the recovery of sensitive data.
Businesses today run on data and, as automation takes over key functional processes, this reliance is only set to grow. The cybercriminals behind ransomware attacks understand this very well, and that’s why they hold sensitive, proprietary data hostage. According to a recent report, data breaches exposed 36 billion records in the first half of 2020. Such breaches are devastating for businesses. Apart from the financial and legal implications, they result in an immediate erosion of customer trust and loyalty and can tarnish a business’ reputation for years.
The need for a data-centric solution
Existing cybersecurity solutions in the market focus on protecting and recovering the organization’s infrastructure and applications. They tend to neglect the critical data that resides within them. So while fortifying servers, networks, and applications are critical preventive measures, data protection and quick recovery must be a high priority too. CIOs today are beginning to accept this and seek to make their organizations cyber resilient, instead of simply strengthening their cybersecurity. Cyber resiliency allows organizations to quickly recover from breaches while simultaneously protecting critical data. Unfortunately, though, a recent report states that 40% of businesses are still not protected by any cybersecurity program, let alone one that offers cyber resilience.
So, what does cyber resilience mean? Overarchingly, cyber resilience means going beyond a mere front-end protection, and building a cybersecurity program that is able to protect from attacks as well as bounce back in the event of an attack with minimal downtime and loss.
As the NIST (National Institute of Standards and Technology) framework rightfully identifies, front-end systems can fail to detect vulnerabilities. They will do little to protect against insider threats or sophisticated phishing and social engineering campaigns. These attacks seek to disrupt business activity by causing data loss, data exposure, and corruption of files and databases. A cyber-resilient organization can counter such attacks by its ability to respond and recover quickly. Building cyber resilience requires a three-pronged focus on data protection, training, and recovery.
Data protection occurs in many layers- isolating the data, ensuring it has immutable copies, and leveraging intelligent systems to keep compromised data out of the vault. Considering the current threat landscape, a simple air-gapped vault for critical data storage is not secure enough. The use of artificial intelligence, machine learning-based tools, and advanced algorithms can help organizations proactively detect risks, data/signature changes, patterns, and threats. For example, an automated recovery process based on AI/ML algorithms is considered more secure as it eliminates insider threats and human errors.
Your people are your organization’s greatest strength, but without adequate training and awareness on cybersecurity, they can become prime targets for bad actors. Training is a key element of cyber reliance because cyber threats are getting increasingly sophisticated and devious. So, cyber awareness and knowing various methods of attack are must for employees. A workforce that is well-trained and updated on best practices and protocols in cybersecurity can be a strong line of defense. They will also be able to better leverage new tools and technologies, for a stronger defense.
Given the speed at which modern businesses operate, business agility and continuity are crucial. A mature recovery program is an absolute must for the protection and recovery of business-critical data. Such a program needs to integrate the three layers– security, infrastructure, and application– for the most comprehensive and end-to-end coverage possible. A mature program should be able to examine your risks, ensure the right security architecture design, implement robust data protection processes, and fortify recovery planning.
The big picture
An organization can never be fully immune to cyber-attacks. The best strategy in this age of disruption is one that minimizes downtime, optimizes return to business as usual (BAU), and reduces the risk of loss of reputation and revenue. A robust data security strategy is the first line of defense, while a secure and rapid recovery plan acts as the last.
The joint Cyber Resiliency solution from HCL and Dell Technologies improves resiliency with an agile, robust, and coordinated strategy that identifies, protects, and recovers business systems, applications, and critical data they hold. The partnership leverages HCL’s service expertise and domain proficiency, as well as Dell’s infrastructure; formulating an operating procedure that assures business continuity, while offering low RTO and highest security standards to critical data. The HCL Dell Ecosystem Unit is able to consistently deliver Dell Technologies’ cyber recovery solution across all four methods- hosted, on-premises, and infrastructure services in a virtual vault together or as a fully managed solution.