So much of the world has changed over the last year. Our lives have become far more isolated, and technology has become entrenched into not only our work lives, but social lives as well.
By Mike Styer, GlassHouse South Africa country manager
Many enterprises have mostly empty offices with employees working primarily offsite and their digital transformation strategies have been vastly accelerated because of it.
In many ways, the challenges of Covid-19 have been tackled by the implementation of digital technologies. But underlying this all, the threat of cyber-attacks has found fertile ground within this environment.
While having the freedom to work from anywhere, employees having access to enterprise data from home has created a far larger perimeter for IT security professionals to patrol. This undoubtedly creates new holes within enterprise security strategy that will need to be plugged, especially with the substantial increase in new attacks arising from this new way of working.
IT security leaders know that often the weakest part of a sound security strategy are the users themselves. In a recent study by Deloitte, 47% of people fell victim to some kind of phishing scam while working from home. Attackers are taking advantage of people’s need to receive information regarding the virus, leaving them vulnerable to opening unwanted malware.
During this time, IT security leaders have been working exceptionally hard to maintain security across their organisations, but even the most diligent professionals will find it tough to protect the entire organisation with a large increase in never-before-seen malware, ransomware and attacking methods. Deloitte estimates that before the pandemic, around 20% of malware attacks were new to the security environment, this has now increased to around 35% of all malware attacks.
While enterprises have had a better time than medium-sized companies, there are still many holes to be plugged and an ever-growing landscape to contend with. It is with this in mind that enterprises are now looking towards cyber resilience, with cyber security being only a part of that strategy.
One key factor that organisations that are looking at being cyber resilient need to consider, is their data management strategy. Critical data is without doubt the currency of the dark web and the loss of critical enterprise data can cripple a company.
Sophos’ research on the state of ransomware showed that of the South African organisations that participated in the study, 24% of them were hit by ransomware in 2019.
From a global perspective, 51% of organisations had been targeted by ransomware, with 73% of those attacks succeeding in data encryption in 2019. If South Africa tracks with global trends, this number is likely to be even higher in 2021.
This is where cyber resilience becomes essential, with cyber recovery being a key part of this approach and this is where disaster recovery and IT data managers need to work with their IT security and Risk and Compliance teams to make a difference in strengthening the overall cyber resilience strategy.
The first key aspect of this is that preparation is key. While we are not able to determine what the next cyber-attack will look like, we can take every precaution to protect our data before we are attacked by creating an immutable copy. And really the only way to adequately protect your data is to isolate it through an air gap. Usually during an attack is when most data isolation strategies kick in. However, if you have isolated your data before the attack, that protection mechanism makes it far easier to prevent or recover from an attack on critical data.
This is a conversation that disaster recovery specialists can and must have with security leaders. Using services like Dell’s Cyber Recovery Services (CRS) along with PowerProtect, we help customers secure their data from intrusion using an “air gapped” solution that is consistently monitored for unusual activity using intelligent data analytics. These solutions are essential as enterprise security becomes a net with even slightly wider holes as employees migrate to unsafe Wi-Fi networks and other threats. This expands the need for security to look at services beyond the traditional enterprise network.
Cisco’s 2021 Security Outcomes Study says that if companies want to make their overall security strategies successful, it must start with IT and Security, Risk and Compliance working together. GlassHouse’s own experience shows the same.
Cyber resilience needs both IT security watching for attacks from the outside, while IT and data managers can help act as security guards for attacks that slip past. Using technology like Cyber Recovery Services (CRS) and PowerProtect, data managers, security and threat detection specialists will have the right weapons to help.