Building cyber resilience is imperative for surviving attacks

How confident are you that your business will continue to operate in the event of a cyberattack? How would you recover from a cyberattack? Do you have a cyber incident recovery plan that makes every second count?

Information security and business continuity leaders often face these questions from their chief executive or their board. In all likelihood, they often ask themselves these same questions.

Today’s malware can affect systems and networks, even if they are seemingly fully patched, leading to loss or theft of millions of records, high financial costs, regulatory penalties, damage to brand and reputation, not to mention loss of customer trust.

According to the Ponemon Institute’s 2018 Cost of Data Breach Study: Impact of Business Continuity Management, the cost of mega data breaches involving 1 million to 50 million records ranges from $29 million to over $400 million. This doesn’t include the cost of recovery or rebuilding the damaged infrastructure and reputation.

Managing risks and challenges galore.

Most cybersecurity programs continue to be hamstrung by the organization’s traditional perspective of investing in prevention technologies. This is largely due to their inability to fully evaluate the complex landscape of risks and threats — often manifested in deployment of multiple point solutions that generally have a shorter shelf life. This challenge can be aggravated by unintended vulnerabilities that digital transformation, IoT adoption, and hyper-convergence create.

A large number of organizations still have aging infrastructures and processes. It is challenging to segment critical workloads from other workloads using legacy network infrastructure. While many organizations have business continuity and disaster recovery plans, they were not designed to be resilient against destructive cyberattacks or evolving threats.

Let us look at some of the other risks and challenges.


Why is it important to build resilience?

Over the past few years, cybersecurity technologies have evolved by leaps and bounds. We are getting better at securing our network perimeters, and threat intelligence today is powered by artificial intelligence. But adversaries are now as equipped and resourceful as legitimate business organizations — and they only need to get it right once, while we need to be right all the time. The Ponemon report also indicates that business organizations face more than a 32% likelihood of a material data breach by 2020.

With attacks becoming more malicious and techniques more advanced, the strategies and plans to mitigate the impacts of such attacks must also change. Businesses need new technologies and practices to survive and adapt to today’s cyber outage scenarios. Cyber resilience is a unified approach combining cybersecurity with data protection and disaster recovery methods, designed to protect against and rapidly recover from disruptive cyber incidents.

Innovation to help businesses build cyber resilience.

With a comprehensive portfolio ranging from advisory services to data protection, resiliency orchestration and disaster recovery solutions, IBM has been working closely with our clients to help them become truly cyber-resilient. While our cyber resilience capabilities can ensure faster response, disaster recovery and business resumption after a cyber event, our continued investment in technology innovation is aimed to advance these capabilities even further to help our clients stay ahead of risks.

The core technology and process building blocks that we provide to help our clients become cyber-resilient include:

  • Immutable storage: Unalterable or write-once-read-many (WORM) storage technologies for application data and platform configurations to prevent corruption.
  • Air-gapped protection: Network isolation to separate production environments from the storage that contains the protected, backed-up data.
  • Configuration data verification: Automated testing and validation to help detect unauthorized changes and ensure the data being protected is clean and recoverable.
  • Automation and orchestration: Automation of the end-to-end recovery process based on pre-defined and tested workflows to enable quick restoration
  • Monitoring and reporting: Automated dashboard to monitor data changes, RPO/RTO deviations and snapshot validation status in real-time, and built-in modules to generate reports for audit and compliance.

While IT and information security leaders are struggling to determine the appropriate technology areas to spend their limited budget on, it is imperative that they take a holistic view of IT risks and build a robust cyber resilience program to keep their business operations functional during and after a cyberattack. With a cyber-resilient environment, IT can be at the forefront of fostering relationships with business leaders and partnering with them to confidently drive their digital transformation journey forward.

Avots: businessinsider

Rakstu kategorijas