From important to imperative: Cyber resilience takes center stage

By: Ally Klopsch

Your company has a 27.9 percent chance of suffering a material breach over the next two years. That’s according to the Ponemon Institute’s 2018 Cost of a Data Breach study, which defines a breach as an incident involving 1,000 or more lost or stolen records that contain personal information hampering business continuity.

The rising cost of cybersecurity incidents

While cybersecurity has always been important, cyber resilience is now an imperative for the enterprise. Ponemon Institute’s study determined the average total cost of a breach have risen to $3.86 million. Those costs include finding the breach, responding to it, notifying those affected by it and losing business revenue due to downtime, customer attrition, reputation damage and regulatory fines. Some businesses find themselves unable to recover from the losses. Cyber-attack and data theft are threats that can no longer be ignored.

Today’s businesses — and their customers — have near-zero tolerance for service outages and business disruptions. That tolerance is tested further if the incident is related to a cyber-attack. As a result, businesses find themselves juggling their resources between incident prevention, disaster recovery and cyber recovery. All three are necessary for a comprehensive business continuity and cyber resilience plan. However, maintaining the balance between them is often complicated by complex hybrid IT infrastructure environments with cross-platform resource use and stringent business requirements for availability and performance.

Learn more about cyber-attacks and ransomware attacks and how to defend against them.

How to prevent and recover from data breaches

A thorough cyber resilience plan takes a holistic approach to security and business continuity. Plans must address prevention, detection and recovery. To be effective, your business continuity plan should include:

  • Monitoring platform configuration management. Look for tools that offer real-time cyber recovery updates so that business leaders can make informed decisions quickly. Your business continuity plan should include a solution that details system vulnerabilities and their severity level. It should offer insight into how resilient your system is and how ready you are for disaster recovery. This will pave the way for quick recovery after a cyber-attack or ransomware attack.
  • Secured and isolated storage. Your business continuity plan should include isolated and protected backup data. Backups are of no use if the breach that corrupted your production environment can also corrupt your backup data. Malware creators code specifically to traverse networks and target backup data. Your plan should set up air-gapped barriers between environments so that no exploits can penetrate them.
  • Anomaly detection and validation of point-in-time (PIT) copies. Successful data recovery depends on clean data copies that come as close to the point in time of corruption as possible. A smart business continuity plan includes regularly validating the PIT copies to check for any anomalies and verifying their accuracy and recoverability. Regularly checks and ensuring the availability of the most recent, good copies enables speedy recovery of business operations if and when anomalies are detected, minimizing the impact on your business.
  • Customer data protection. Cyber incidents, like cyber-attack and ransomware attack, are a concern not only for your business, but also for your customers and users. Your cyber resilience plan must include safeguards that protect customer data. Your plan must also be flexible and responsive enough to comply with any new data protection regulations that are implemented.
  • Testing and reporting. Putting a plan in place is only the first step. You must also regularly test the plan to ensure the ability to respond quickly and decisively to a cyber-attack. Depending on the business sector, there may also be additional regulations that demand both testing and reporting to prove compliance.

Defend your business, maintain availability and recover quickly in the event of disruption with IBM Business Continuity Services

The benefits of rapid recovery

As the likelihood of cyber incidents rises, the need for faster recovery from those incidents also rises. Organizations must be able to both reduce the occurrence of incidents and be ready to respond and minimize their associated costs when they do occur. Having a business continuity plan that ensures quick recovery, even for a complex, hybrid infrastructure, is crucial. The solution is orchestrated data recovery and cyber incident life cycle management, which can minimize business loss due to downtime and keep your organization’s reputation and customer base intact.

How comprehensive is your disaster recovery plan for cyber incidents? Are you ready?


Learn more about IBM Resiliency Orchestration and Cyber Incident Recovery and schedule a complimentary 30-minute consultation to learn what you can do to protect your organization.

Ready to take the next step? Schedule a consultation with an IBM Business Continuity Services expert.

Related topic: Disaster recovery as a service (DRaaS)

IBM products related to business continuity plans

Understand how to plan for and react when business disruptions are happening.

Adapt and respond to risks with a business continuity plan (BCP)

How to defend against cyber attacks

Do you have your disaster recovery plan (DRP)?

Defend against ransomware attacks?

What is data breach and how to defend against one?

What is a recovery time objective (RTO) and how does it affect disaster recovery for your enterprise?

What is an RPO (recovery point objectives)?

Topics: , , , ,

About The Author

Ally Klopsch

Principal Consultant, Marketing and Communications

Ally Klopsch is a results-driven and highly accomplished marketing leader who excels in developing and implementing marketing strategies with a customer first focus. For over 20 years working in multiple industries including technology, banking, education and healthcare, Ally has demonstrated success in delivering best in class marketing initiatives that extend across channels, thought leadership, communications,... Read more