Businesses need to close the cyber security and disaster recovery gap
For too long, companies have treated cyber security, disaster recovery (DR) and back-up as separate functions, when in fact they serve the same purpose – protecting a business’s digital assets. Its data. Stewart Parkin, CTO, EMEA, of managed service provider Assured Data Protection, explains how businesses can better integrate their cyber and DR strategies to close any gaps, reduce risk and ensure business continuity.
Unfortunately, data breaches and ransomware attacks are inevitable these days. Hackers and cyber criminals are constantly on the prowl, probing cyber defenses, looking for weaknesses and openings. Even with the best endpoint security systems in place, businesses can’t account for an employee accidentally clicking on what appears to be an authentic link in a phishing email attack. The truth is a malicious code can go undetected for months on end, causing countless damage in the meantime. But businesses are fighting back. It’s estimated that cyber security and risk management spend globally will reach £215 billion in the next three years as businesses adopt a model of cyber resilience, to better manage the impact of cyber-attacks.
While the investment is welcome it’s driving a wedge between cyber resiliency and disaster recovery (DR) and backup, which has serious consequences. Especially when businesses discover they don’t have an adequate recovery plan in place following a data breach or ransomware attack. They can end up facing days, even weeks, of downtime while they restore lost and corrupted data. A business’s ability to bounce back from an attack is just as important as its ability to repel an attack in the first place. Which is why DR and backup should go hand in hand with cyber security to help businesses achieve a state of cyber resilience.
Addressing the DR blind spot
Distracted by the need to upgrade their cyber defenses and protocols, businesses have neglected to sync them with their DR and backup plans. It’s now in danger of becoming a bit of a blind spot, which presents a huge risk, especially when more and more businesses are reliant on third party solutions to recover data that resides in the public cloud. The more disparate the data – scattered across on-premises, public and hybrid cloud environments – the harder it is to recover. The last thing the board wants to hear in the wake of a cyber-attack is that remediation will take longer than expected and business operations will be disrupted in the meantime. A situation that could lead to financial losses and reputational damage.
Traditionally, DR has been seen as a response to natural disasters, such as floods or fires, or power outages, events that will compromise operations to company data centres or on-premises solutions. Cyber threats should be treated in the same way, especially as businesses become more reliant and public cloud infrastructures.
Recovering data through immutable backups
Traditionally, large enterprises and medium sized organisations have managed DR and backup in house, using their own servers and data centres. However, this has become a costly and time-consuming process over the last few years as businesses migrate data and systems to hybrid cloud infrastructures. A situation further compounded by the adoption of SaaS platforms to support specific functions and remote working. This increases the attack surface for hackers and makes companies more vulnerable. It requires a backup solution that can scale to meet the size and scope of an organisation’s digital footprint, one that can accommodate critical data and assets. The solution lies in having a third-party immutable backup in place that a business can fall back on in the event of a cyber-attack.
This integrated data management function enables businesses to transfer critical data and assets to a securely managed site and begin to take stock of what’s happened, nullify the threat and repair any damage caused in the attack. It’s a flexible and scalable solution where you can replicate and restore all your critical infrastructure to prevent any disruption to business operations. It’s also managed by a team of professionals around the clock. A dedicated team that will keep operations up and running to ensure business continuity.
Establishing the link between cyber security and DR
Businesses are more reliant on the cloud than ever, which is why it’s important to have DR and backup solutions that meet today’s digital requirements. Businesses need to have immutable backups in place to recover critical data the moment their systems are compromised by a cyber-attack. However, it’s essential that these backups are fully compatible with the cloud platforms and third-party solutions typically used by organisations today. Also, they need to be up and running immediately, otherwise businesses may have to wait hours or even days to resume normal operations. But that’s only half the battle to be fully secure and achieve cyber resilience, DR and backup solutions can now be integrated into corporate cyber security and DR strategies to deliver a more holistic approach to prevention and recovery. CIOs, CTOs and CISOs can finally connect the dots between cyber resilience and disaster recovery, consolidate resources, and drive cost efficiencies.