Extra tags: Cyber Threat
Authored by: Saravanan Krishnan, General Manager, Data Protection Solutions, South Asia, Dell Technologies
If there is one thing we have learned in the wake of the COVID-19 pandemic, it is that we need to be ready for anything. Cyberattacks are on the rise and the damages they cause extend far beyond corporate boardrooms or balance sheets – causing mass disruption across our society, impacting utilities and even food and medical supply chains. The threat of ransomware is a nightmarish scenario for organisations at a time when they are desperate to keep the business on track and employees productive while working from home, making them extremely vulnerable to creative and often opportunistic cyber criminals. According to KPMG, the shift to remote work has led to escalating cyber threats as both employees and the security teams have to navigate unfamiliar conditions like lockdowns and remote work.
The 2021 Dell Technologies Global Data Protection Index (GDPI) released in September 2021, surveyed global IT decision makers to get a better understanding of how organisations are combatting increased data protection challenges and cyber threats. For IT decision makers, the proliferation of cyber threats, the growth of multi-cloud computing, the distribution of traditional and cloud-native workloads across edge, core and cloud environments and the emergence of newer technologies like AI/ML have converged to create a perfect storm of IT complexity. The increase of remote work has only exacerbated these challenges even further.
Consider just the following three data points from the GDPI research:
- 82% of IT decision makers in the Asia Pacific and Japan (APJ) region agreed that their organisation’s data protection solutions won’t meet all future business challenges
- 72% have seen increased risk of cyber threats with the growth of employees working from home
- 67% are not very confident that all business-critical data can be recovered in the event of a destructive cyber attack
Clearly, the complexity caused by the scope and scale of data protection and the attack surfaces for cyber threats is dramatically increasing, as data on the edge increases (and is blurring the lines between traditional data protection and cyber resilience). Protecting cloud-native applications, Kubernetes containers and SaaS workloads further contributes to modern data protection complexity. And of course, protecting data reliably, consistently and efficiently across multiple public cloud environments makes data protection harder still. What’s more, most IT planners are not confident their current data protection solutions will meet all future challenges.
Emerging technologies like AI/ML and IoT combined with the projected explosion of data volumes on the edge will present significant data protection challenges for organisations of all sizes.
The situation is not alien to Malaysia. The government’s Malaysia Cyber Security Strategy (MCSS) 2020-2024 cited a study that the country has the potential to lose RM51 billion due to cyber security incidents. And as the country looks to embrace emerging technologies such as 5G and AI that will power the digital economy, addressing security challenges in these areas will be the focal point to combat new cyber threats in a constantly changing landscape.
For many organisations, the complexity of protecting emerging technologies is only compounded when they have to resort to working with multiple data protection vendors to gain the cyber resilience and data protection they need across hybrid, multi-cloud and edge environments. Unfortunately, this complexity often comes at a staggering cost; another key finding of 2021 GDPI is the cost of data loss: in the 12-month period, it crossed the US$1 billion mark – about four times higher – for organisations using multiple data protection vendors as compared to those using a single-vendor approach.
But that is not all – building cyber resilience not only involves identifying, protecting, detecting and responding to cyber threats, but equally as important is how to recover from a ransomware attack. A holistic strategy requires multiple layers of protection to ensure that critical data is protected and isolated from these attack surfaces. Within this protected framework, it can be recovered with confidence following a ransomware attack, to accelerate the restoration of normal business operations.
Where does cyber recovery fit into a holistic data protection strategy?
Cyber recovery distinguishes itself from traditional backup and disaster recovery (DR) in several ways. It provides additional layers of physical and logical security at both the solution, system and data/file level to ensure critical data can be preserved with integrity, confidentiality and to ensure it is available when needed for recovery. It also focuses on protecting and isolating critical data away from cyber threats and attack surfaces within a secure immutable data vault and then enabling the recovery of that data vault when and if necessary. Cyber Recovery goes beyond DR plans by addressing the cyber threat to critical data but at the same time complementing DR plans which protect against other outages.
Recovery from a destructive cyberattack solves for a different type of disaster and can be very different from recovery from a power outage, fire, flood or terrestrial event. Cyberattacks are typically not limited to a specific location so their impact can often be felt globally, even with traditional DR solutions in place. For this reason, logical segregation of infrastructure, along with physical separation, to limit the spread of malware and reduce the surface of attack is typically more effective than having regionally dispersed data centres.
Recovery procedures can also be more involved and iterative due to additional forensics working with cyber security teams. While ransomware and other forms of cyberterrorism may continue to wreak havoc on many, accepting defeat as a foregone conclusion is not the answer. Adopting a fast and reliable recovery solution is critical to an organisation’s ability to get back on its feet and restore business continuity.
An example would be Sheltered Harbor – a nonprofit, industry-led initiative that developed a set of cyber resilience and data protection best practices and safeguards to enhance the stability and resiliency of the US financial system; Dell Technologies is the first technology solutions provider to join the Sheltered Harbor Alliance Partner Program. In the event of a sophisticated cyberattack, the Sheltered Harbor standard provides the blueprint to ensure that data necessary to restore basic banking operations is readily available with integrity, while full recovery procedures continue. The Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor is a turnkey data vaulting solution that provides participating institutions with a fast, cost-effective and efficient alternative to each institution building a one-off, proprietary vault to meet immediate deployment needs of critical customer-facing banking services, ensuring public confidence is maintained.
Data is universally regarded as the essential ingredient for driving innovation, but it is also the most vulnerable asset within the IT estate. The same data that drives an organisation’s business and fuels transformation efforts is the same data that cyber criminals are after. The high stakes involved in today’s data-driven world means progressive organisations must adopt cyber resilience strategies to combat the threats of ransomware and other cyberattacks. It incorporates people, process and technology into a holistic framework that protects an entire business, organisation or entity to enable the restoration of normal business operations as quickly as possible.
