This post originally appeared on the IBM Storage & Servers Blog on February 8, 2021.
Your business likely already has a data security strategy in place. After all, cyberattacks are nothing new — and organizations today are well aware that their data is a precious resource to protect.
There have been malicious attacks for a long time in the digital world. Attackers might be looking to gain access to your data, be it financial data, user data or governmental data. Or they might simply want to demonstrate the sophisticated approaches they practice to remind you about your vulnerability to attack. Regardless of the reason, the risks are real. According to the 2020 Cost of a Data Breach report from IBM, the global average total cost of a data breach is USD 3.86 million, with an average time of 280 days to identify and contain a breach.
When is the last time you took a close look at your data resiliency strategy? Is your storage environment set up to minimize risk as much as possible? Have you considered the undeniable what-if situations?
Taking a closer look at your data security
There are many ways to protect your data and mitigate risk, and likely you’ve already got some in place. Government regulations can set a minimum standard to protect sensitive data (for example, the requirement for any financial institution to use 256-bit data encryption methods). But even if you plan and implement a good strategy for business continuity, data loss can still happen for various known and unknown reasons, such as:
- Disgruntled employees causing problems intentionally
- Human errors
- Pushing timelines and neglecting application security, and thus leaving a gap for vulnerable attacks
- Malicious intentions by cyber criminals
- Hardware or software failures
Thinking through these what-if situations is another way to be prepared and make sure you can quickly recover from any unanticipated threats and data losses.
Cyber resiliency is the way forward
Not every disaster or data loss incident demands business continuity solutions like full backup and restore or failing back to the disaster recovery (DR) site. While having a DR plan is critically important, you also need to devise a strategy for continuing business operations with partial and immediate recovery.
Cyber resiliency refers to your ability to prepare for, respond to and recover from cyberattacks. Having a cyber resiliency solution in place allows your organization to be online and operational with minimum recovery point objective (RPO) and recovery time objective (RTO) targets.
To better understand cyber resiliency, consider the NIST Cybersecurity Framework, which is a framework of computer security guidance that advises organizations on how to assess and improve their ability to identify, protect, detect, respond and recover to cyber breaches. It includes five functions of risk management:
- Identify: Define an organizational understanding to build or improve your cyber resiliency plan — this includes critical assets and strategy.
- Protect: Develop and implement appropriate safeguards to ensure delivery of critical services — protecting against vulnerabilities before they are exploited.
- Detect: Detect the occurrence of cyber security events — timely, continuous monitoring, detection processes.
- Respond: Take action regarding a detected event — this includes analysis, containment, mitigation and communication.
- Recover: Restore capabilities and services — this includes recovery, making improvements and communications.
It’s pertinent that you regularly review your data resilience strategy in order to protect your organization and strengthen your business continuity plans.
Where to find help with your cyber resiliency strategy
If you find yourself thinking about cybersecurity and wondering if your cyber resiliency strategy addresses all of these areas, you might consider a Cyber Incident Response Storage Assessment (CIRSA) workshop from IBM Systems Lab Services. This workshop focuses on the following essential points for block (SAN), file (NAS/Object), backup and archive workloads:
- Understanding your cyber resiliency goals and strategies
- Understanding the capabilities of your existing storage with regard to the requirements for data recovery
- Identifying gaps and exposures
- Discussing various possible practices and outlining recommendations
- Developing a cyber resiliency plan that aligns your storage infrastructure capabilities and the business requirements
Upon completion of this assessment, you’d better understand the DR solutions that could help you minimize recovery time in the event of a cyber incident.
IBM Systems Lab Services can help your organization address the increasing risks and impacts associated with cyberattacks.