Billions of threats, milliseconds to respond: Automating resiliency

By: Michael Puldy


Time is not on our side. To succeed against threats, organizations need automation and cognitive technologies combined with strategy, process and testing. Effective resiliency requires investment, leadership and a culture where people imprint an always-on attitude onto their professional DNA.

For decades, business continuity was viewed as a way to prevent disasters when hardware and software failed. This process focused primarily on preparing for human error, poor change management and natural disasters like hurricanes, floods and fires. But now, more than any other time in history, cyberattacks are flooding the front lines in the resiliency battle. Cyberattacks aren’t just another threat — they’re the mother of all threats.

Enhancing resiliency against cyberthreats

If you’re looking to strengthen your cyber resiliency, start by checking out this Digital Attack Map, which charts the daily reported distributed denial-of-service attacks around the world. Although it only shows the top 0.1 percent of reported threats, this image demonstrates that network-based attacks are coming from every direction.

Next, turn to IBM data reported in late March. Over 4 billion records were compromised in 2016 from the 8,000 IBM-monitored security clients in 100 countries, plus ancillary data. IBM’s X-Force counted over 8 million spam and phishing attacks on a daily basis — averaging about 3 billion attacks in a year. The study also found that criminals made over $1 billion on ransomware attacks in 2016.

Moreover, 51 percent of the 618 companies interviewed by Ponemon in a Rise of Ransomware study reported experiencing a ransomware attack. But despite the growing problem, 57 percent of organizations believe their company is simply too small to be the victim of an attack.

This perception is flat-out wrong. Technology outages — including ransomware disasters — do not discriminate based on company size, geographical location or personnel demographics. Check out IBM Security’s Caleb Barlow in his TED Talk for further information on this issue. There’s a reason ransomware has become a multibillion-dollar industry resulting in both unseen downtime costs and highly visible ransom money paid to criminals: The ransomware business is highly organized and highly profitable.

Automate for iron defenses

While protection starts simply with a backup, businesses need an always-on strategy, automation to quickly activate defenses and cognitive technologies when the immediate answer isn’t so obvious. And, as I’ve reported in previous blogs, just because your everything-as-a-service is in the cloud, a cloud platform doesn’t automatically mean your data is backed up.

In the large-system world, sophisticated automated failover and fallback technology has been around for decades. In the cloud world, the technology is relatively new, but it’s spreading fast. Through software-defined resiliency, automation can be monitored and automatically self-heal broken infrastructure. Real-time replication of data combined with software-based orchestration tools makes this possible.

You can also make use of Watson for cybersecurity to power cognitive security operations centers. With only 7 percent of security professionals using cognitive tools to improve their ability to detect and accelerate their response to cyberthreats, the opportunities artificial intelligence brings to the table are massive.

On May 15 – 19, the Business Continuity Institute is sponsoring Business Continuity Awareness Week, a worldwide event focused on raising the awareness on business continuity threats and solutions. At IBM, with 380,000 employees spread across 170 countries, we take this opportunity to raise the awareness level of our entire company. During this week, we will not only cover the basics of confirming data is regularly backed up but also discuss cyberthreats and technologies available to maximize protection and accelerate our response.

What is your company doing next week? I encourage you to join me in this conversation.

Topics: , , , ,

About The Author

Michael Puldy

Director of Global Business Continuity Management for Global Technology Services, IBM

Michael is responsible for long term strategy, tactical guidance and governance for business continuity management and resiliency programs across the globe at IBM. For the majority of Michael's career, he has focused almost exclusively on business resiliency. From his personal experience in the financial industry through his services and product tenures at IBM, he has... Read more

Post a comment