From important to imperative: Cyber resilience takes center stage
Your company has a 27.9 percent chance of suffering a material breach over the next two years. That’s according to the Ponemon Institute’s 2018 Cost of a Data Breach study, which defines a breach as an incident involving 1,000 or more lost or stolen records that contain personal information hampering business continuity.
The rising cost of cybersecurity incidents
While cybersecurity has always been important, cyber resilience is now an imperative for the enterprise. Ponemon Institute’s study determined the average total cost of a breach have risen to $3.86 million. Those costs include finding the breach, responding to it, notifying those affected by it and losing business revenue due to downtime, customer attrition, reputation damage and regulatory fines. Some businesses find themselves unable to recover from the losses. Cyber-attack and data theft are threats that can no longer be ignored.
Today’s businesses — and their customers — have near-zero tolerance for service outages and business disruptions. That tolerance is tested further if the incident is related to a cyber-attack. As a result, businesses find themselves juggling their resources between incident prevention, disaster recovery and cyber recovery. All three are necessary for a comprehensive business continuity and cyber resilience plan. However, maintaining the balance between them is often complicated by complex hybrid IT infrastructure environments with cross-platform resource use and stringent business requirements for availability and performance.
How to prevent and recover from data breaches
A thorough cyber resilience plan takes a holistic approach to security and business continuity. Plans must address prevention, detection and recovery. To be effective, your business continuity plan should include:
- Monitoring platform configuration management. Look for tools that offer real-time cyber recovery updates so that business leaders can make informed decisions quickly. Your business continuity plan should include a solution that details system vulnerabilities and their severity level. It should offer insight into how resilient your system is and how ready you are for disaster recovery. This will pave the way for quick recovery after a cyber-attack or ransomware attack.
- Secured and isolated storage. Your business continuity plan should include isolated and protected backup data. Backups are of no use if the breach that corrupted your production environment can also corrupt your backup data. Malware creators code specifically to traverse networks and target backup data. Your plan should set up air-gapped barriers between environments so that no exploits can penetrate them.
- Anomaly detection and validation of point-in-time (PIT) copies. Successful data recovery depends on clean data copies that come as close to the point in time of corruption as possible. A smart business continuity plan includes regularly validating the PIT copies to check for any anomalies and verifying their accuracy and recoverability. Regularly checks and ensuring the availability of the most recent, good copies enables speedy recovery of business operations if and when anomalies are detected, minimizing the impact on your business.
- Customer data protection. Cyber incidents, like cyber-attack and ransomware attack, are a concern not only for your business, but also for your customers and users. Your cyber resilience plan must include safeguards that protect customer data. Your plan must also be flexible and responsive enough to comply with any new data protection regulations that are implemented.
- Testing and reporting. Putting a plan in place is only the first step. You must also regularly test the plan to ensure the ability to respond quickly and decisively to a cyber-attack. Depending on the business sector, there may also be additional regulations that demand both testing and reporting to prove compliance.
Defend your business, maintain availability and recover quickly in the event of disruption with IBM Business Continuity Services
The benefits of rapid recovery
As the likelihood of cyber incidents rises, the need for faster recovery from those incidents also rises. Organizations must be able to both reduce the occurrence of incidents and be ready to respond and minimize their associated costs when they do occur. Having a business continuity plan that ensures quick recovery, even for a complex, hybrid infrastructure, is crucial. The solution is orchestrated data recovery and cyber incident life cycle management, which can minimize business loss due to downtime and keep your organization’s reputation and customer base intact.
Related topic: Disaster recovery as a service (DRaaS)
IBM products related to business continuity plans
- IBM Resiliency Orchestration
- IBM Disaster Recovery as a Service (DRaaS)
- Cyber Resilience Services
- Data protection with Backup as a Service (BaaS)
- IBM Business Continuity Consulting Services
- IBM Data Center Services
Understand how to plan for and react when business disruptions are happening.