From important to imperative: Cyber resilience takes center stage
Your company has a 27.9 percent chance of suffering a material breach over the next two years. That’s according to the Ponemon Institute’s 2018 Cost of a Data Breach study, which defines a breach as an incident involving 1,000 or more lost or stolen records that contain personal information.
The rising cost of cybersecurity incidents
While cybersecurity has always been important, cyber resilience is now an imperative for the enterprise. Ponemon Institute’s study determined the average total cost of a breach have risen to $3.86 million. Those costs include finding the breach, responding to it, notifying those affected by it and losing business revenue due to downtime, customer attrition, reputation damage and regulatory fines. Some businesses find themselves unable to recover from the losses. Cyberattacks and data theft are threats that can no longer be ignored.
Today’s businesses — and their customers — have near-zero tolerance for service outages and business disruptions. That tolerance is tested further if the incident is related to a cyberattack. As a result, businesses find themselves juggling their resources between incident prevention, disaster recovery and cyber recovery. All three are necessary for a comprehensive business continuity and cyber resilience plan. However, maintaining the balance between them is often complicated by complex hybrid IT infrastructure environments with cross-platform resource use and stringent business requirements for availability and performance.
How to prevent and recover from data breaches
A thorough cyber resilience plan takes a holistic approach to security and resiliency. Plans must address prevention, detection and recovery. To be effective, your plan should include:
- Monitoring platform configuration management. Look for tools that offer real-time cyber recovery updates so that business leaders can make informed decisions quickly. Your resiliency plan should include a solution that details system vulnerabilities and their severity level. It should offer insight into how resilient your system is and how ready you are for disaster recovery. This will pave the way for quick recovery after a cyberattack or ransomware attack.
- Secured and isolated storage. Your business continuity plan should include isolated and protected backup data. Backups are of no use if the breach that corrupted your production environment can also corrupt your backup data. Malware creators code specifically to traverse networks and target backup data. Your plan should set up air-gapped barriers between environments so that no exploits can penetrate them.
- Anomaly detection and validation of point-in-time (PIT) copies. Successful data recovery depends on clean data copies that come as close to the point in time of corruption as possible. A smart plan includes regularly validating the PIT copies to check for any anomalies and verifying their accuracy and recoverability. Regularly checks and ensuring the availability of the most recent, good copies enables speedy recovery of business operations if and when anomalies are detected, minimizing the impact on your business.
- Customer data protection. Cyber incidents, like cyberattack and ransomware attack, are a concern not only for your business, but also for your customers and users. Your cyber resilience plan must include safeguards that protect customer data. Your plan must also be flexible and responsive enough to comply with any new data protection regulations that are implemented.
- Testing and reporting. Putting a plan in place is only the first step. You must also regularly test the plan to ensure the ability to respond quickly and decisively to a cyberattack. Depending on the business sector, there may also be additional regulations that demand both testing and reporting to prove compliance.
The benefits of rapid recovery
As the likelihood of cyber incidents rises, the need for faster recovery from those incidents also rises. Organizations must be able to both reduce the occurrence of incidents and be ready to respond and minimize their associated costs when they do occur. Having a plan that ensures quick recovery, even for a complex, hybrid infrastructure, is crucial. The solution is orchestrated data recovery and cyber incident life cycle management, which can minimize business loss due to downtime and keep your organization’s reputation and customer base intact.