According to TechJury, 30 000 websites are hacked daily, and 65% of companies worldwide have experienced at least one form of cyberattack.
By Lourens Sanders, solution architect at Infinidat
In March 2021, globally there were 20-million breached records, and in 2020, ransomware cases grew by 150%.
It is abundantly clear that data protection has become critical and backup alone is no longer enough. The reality is that cyberattacks are no longer a matter of ‘if’ but ‘when’, as these statistics highlight, and the ability of organisations to bounce back from an event is key.
Disaster recovery (DR) and cyber resilience are therefore key elements when considering a modern data protection strategy.
The cybercrime landscapes
There has been a surge in cybercrime of late, particularly in the Covid-19 era, and online scams, digital extortion, ransomware, phishing and botnets have all seen an exponential rise. Attacks have also increasingly disrupted services to customers, targeting critical applications and services on the front end in particular.
While this has been a global trend, South Africa is no exception. According to the Interpol African Cyberthreat Assessment Report, South Africa had 230 million threat detections in 2021. The country also has the third-highest number of cybercrime victims worldwide, at a cost of R2.2 billion per year.
We have seen some high profile ransomware attacks in the public sector where critical documents were encrypted and operations were halted. Some of these cyberattacks were perpetrated by means of email phishing and ‘drive-by-downloading’ or the unintended download of malicious code. Other attacks had consequences where customer and employee information was compromised by means of a data leak and posted online.
No business can afford the downtime
Aside from the cost of a successful cyberattack, which can be substantial, there are many other implications relating to the downtime such an event can cause. There is significant loss of productivity and loss of business opportunities because the organisation effectively grinds to a halt.
Lost data can also be catastrophic as this is the lifeblood of the modern, digitally driven organisation. In addition, damage to a brand’s reputation can have long-term repercussions that can financially impact a business for years to come.
The reality is that, while it remains essential to have first-line data and cyber-protection solutions in place, it is becoming increasingly likely that at some point these defences will falter under an attack. The data and cyber-protection infrastructure has become one of the most targeted areas of business, and there is no guarantee that data that has been protected has not already been compromised.
A multi-pronged approach
First line defence is no longer sufficient protection. There is a high likelihood of the attack origin being internal, not necessarily from malice but from a lack of cyber-awareness on the part of employees. There is also much work to be done on other lines of defence such as risk, compliance and audit.
Data and cyber security need to form part of a much broader strategy, which requires a multi-pronged approach with multiple copies of data, multiple failover scenarios, guaranteed uptime and high availability.
Rather than simply protecting and ensuring the availability of the data, it is the applications and services that must be addressed, otherwise the data is useless.
In order to do this, businesses must include the key elements of cyber resilience. They are edge and network security, the ability to track if there is indeed a breach and lastly, ensure your data is on cyber resilience storage that features immutable snapshots, air gapping replication, encryption, access management and rapid recovery
The evolution of data protection into cyber resilience
The approach outlined above forms the basis of cyber resilience to provide a business with guaranteed availability, and a broad range of options for recovery of the entire business to ensure continuity. A cyber resilience solution covers both primary and secondary storage with industry-leading data protection solutions, allowing for fast, high-performing recoveries or business continuity by maintaining ease of use.
Features such as logical local (creating an air gap between the source data and immutable snapshot) and remote air-gapping (where data is sent to a remote storage system), in conjunction with the ability to test data in a readily available fenced network/isolated environment, help ensure the solution provides both short- and long-term recovery options. Immutable snapshots are crucial too where copies of the data cannot be altered, deleted or edited.
Once a known good copy of data that has no ransomware or malware has been identified, it can be recovered. In addition, a cyber resilience strategy should offer detailed visibility in the form of active monitoring and alerting to areas of concern. It should also be all-inclusive both from a financial investment and an implementation point of view.
When it comes to ensuring business continuity in a world where cyberattacks have become a daily concern, protecting data is no longer enough. When defences fall, a strategy and solution to get business back up and running is critical. Cyber resilience helps businesses to recover from such events and delivers a new level of modern data protection in a digital world.