By Hayden Sadler, Country Manager for South Africa at Infinidat
As cyberattacks continue to rise, enterprise storage cyber resilience and data protection is essential for enterprises – it is a matter of when and not if an enterprise will suffer from a cyberattack. The pressing challenge enterprises are experiencing is that cybercriminals have evolved their attacks targeting not just primary storage and production data but also secondary repositories and data backups. A data breach can have catastrophic consequences on an organisation and render unprepared businesses offline for extended periods of time as they scramble to recover. However, cybersecurity alone is no longer sufficient. While preventing a cyberattack is the optimal strategic approach, it is not always possible, and when an incident occurs, cyber resilience is key to reducing downtime to a matter of minutes instead of days, weeks or even months.
Serious business
Cyberattacks have become a significant problem globally: 66% of Fortune 500 CEOs named it their #1 business threat in the Fortune 500 CEO survey in May 2021, and a KPMG CEO survey in March 2021 found the same result. The analyst firm IDC found that a third of organisations worldwide have experienced a data breach, and that 87% of organisations that were impacted by ransomware actually paid a ransom.
Alarmingly, the average number of days to identify and contain a data breach, according to security analysts, is 287 days. During this time, businesses are losing money, forfeiting customer trust, damaging their reputation, and potentially remaining in breach of compliance regulations. There is a clear need for businesses, including South African companies, to implement a comprehensive cyber resilience strategy.
Bounce back fast
A robust cyber resilience strategy helps organisations not only protect themselves from the increasing number of cyberattacks, but also recover from such attacks in the fastest possible timeframe and continue core business functions in the face of an attack.
Business continuity is critical to maintaining operations in the event of a disaster, and any good disaster recovery plan today must include combatting cyberattacks because it puts critical systems at risk. A comprehensive digital transformation strategy that addresses cyber resiliency requires integration of cybersecurity throughout the enterprise lifecycle – to protect the business, detect changing risk surfaces and evolve the capability to address changing threat levels.
Introducing cyber resilience
A cyber resilient storage solution is a critical component of an overall cyber resilience strategy, and should include four key elements across both primary and secondary storage: immutable snapshots, logical air-gapping, a fenced forensic environment and near instantaneous recovery.
Immutable snapshots assist in preventing data sets from being modified, removed, or changed in any way before their expiration date, because they cannot be altered by anyone, whether they are an administrator or a rogue user. Backup images can also be stored as hidden snapshots, further preventing attack. Logical air gaps separate data by creating a secure area within the same system that is unreachable by usual means, to safeguard data from attacks.
A fenced forensic environment allows organisations to deliver their isolated, immutable copies to a ‘sterile’ network, complete with vetted secure computing resources, tools, and apps. This further assists with examining, validating, and testing the copies, or do whatever else is necessary to ensure that they are valid. Finally, near-instantaneous recovery assists organisations that have suffered an attack to recover quickly from a known good copy of their data sets. In fact, Infinidat can recover an organisations backup data on secondary storage in as little as 12 minutes – with a guaranteed Service Level Agreement (SLA) of 20 minutes or less, and provides a guaranteed SLA of one minute or less on primary storage.
Steps to success
With a robust cyber resilience strategy in place, organisations have a solid plan to respond immediately after an attack and retain customer loyalty. Companies should be investing in storage solutions that have cyber resilient capabilities, and partner with an enterprise storage provider that offers storage that is integrated with a virtually instant data recovery strategy, enabling them to recover in a matter of minutes instead of the average of 287 days.