How to Recover from a Destructive Cyber Attack
In my last blog, I discussed the massive growth in remote working and workforce enablement. At a broader level, this movement online has radically transformed how we live, work, learn, and shop. Our world is now highly connected. Data is regarded as the new gold, the currency that allows you to access smart insights and drive organic growth for your business. However, every day, businesses of all sizes across all industries are being targeted by cyber attacks, with the majority focused on either destroying data or encrypting it and holding it for ransom.
Protecting Your Data is a Strategic Business Imperative
Typically, these attacks bypass traditional security controls at the perimeter, allowing the attacker to go undetected for months or sometimes even years. In addition to the “bad guys” outside of your organization, the Verizon 2020 Data Breach Investigations Report references the fact that 30 percent of attacks involved an insider. While not all have malicious intent, insiders have privileged access to internal networks and present another threat vector, which must be planned for. According to the same report, 72 percent of the breaches involved large businesses and 86 percent were financially motivated. In many cases, the result was extended downtime, bringing operations to a halt for days and even weeks, potentially costing millions.
The cost implications are huge. According to Accenture, over $5 trillion in total value is at risk globally over the next five years. This same report states “the average cost of cybercrime for an organization increased from US$1.4 million to US$13 million.” And that is before counting the negative impact of a damaged reputation and a loss of shareholder confidence. It’s obvious that protecting your data is a strategic imperative for the long-term success of your business.
Prioritize What Matters Most
What can you do? While you should continue to do everything possible to defend your “castle”, you need to plan for scenarios where defenses have been breached. Unfortunately, it’s no longer a question of if, but when your organization will be tasked with handling a cyber event. That doesn’t mean you are powerless – you can act now to identify and prioritize the data and applications required to ensure the continuity of your business. It sounds basic, but effective security relies on defense in depth: deploying layers of protection with your most critical data at the core. How confident are you in your ability to recover from a cyber attack? According to the Dell EMC Global Data Protection Index, 69 percent of respondents acknowledged they are not confident in their ability to recover business-critical systems after an attack.
Our Cyber Recovery Services: Assess, Advise, Design, Deploy
At Dell Technologies, data is part of our DNA. At Dell EMC, we were the pioneers in the development of disk arrays and mirroring technologies, which helped ensure that in the event of failure, data could be retrieved. Apart from security analytics solutions from our sister company, Secureworks, and our Incident Response and Recovery service, we offer comprehensive Cyber Recovery Services, focused on all areas of operationalizing a cyber recovery solution. This includes advisory and design through validation testing and ongoing management. We start with dedicated workshops to get under the hood of your organization. We help you assess your business’s current state, review your recovery strategy, collect data on your applications, and understand their criticality to normal business operations.
Developing and Testing Recovery Plans
We will then work with you to integrate a recovery solution aligned with the NIST Cybersecurity Framework that plans for a wide variety of threats, and to develop and test recovery plans and procedures. Critically, we will advise you on what should be protected in the air-gapped Cyber Recovery Vault. This is often referred to as the “crown jewels,” “critical materials,” or “minimum viable company” – a collection of your most critical data and applications, which can be used to rebuild core functions first and get your business back up and running. This involves keeping those critical files off the production network and separated from production backup systems, which are often targeted first in an attack. With no direct network connection and multiple roll-back points available, the vault gives you an uncompromised “gold copy” ready for recovery.
Cyber Recovery Solutions
A picture paints a thousand words, so let me share a couple of customer examples. One large company was impacted by a debilitating ransomware attack, causing significant loss. To reduce the impact of a future cyber attack on their organization, we worked with them to deliver a tailored end-to-end PowerProtect Cyber Recovery solution, consisting of hardware, software and services. This enabled them to meet their specific data protection and cyber security needs, and they have now rolled this out globally as part of an enterprise-wide initiative.
Similarly, a large financial institution wanted to increase its cyber resilience and comply with new regulations in a key international market. We worked with them to deliver a tailored end-to-end Cyber Recovery Solution, helping them immediately comply with the regulators’ needs, while we worked with them to build out a global solution that would extend the capability to a larger percentage of their global backup applications and data.
The bottom line is that your data is your gold. Now more than ever, business resiliency is key. Protecting your business and your brand starts with protecting your data and developing a robust cyber recovery strategy. Contact your Dell Technologies Account Manager today – we’re here to help.
View this On-demand Session recorded during Dell Technologies World, May 5-6, 2021: “Increase Cyber Resilience: Recover with Confidence after a Destructive Attack”.