The current business landscape has transformed drastically, due to the increase in the quantity of data being generated. While businesses now have the ability to extract more insights from this influx of data, it has further added pressure on them to better manage and protect this data from cyber-attacks.
The damages caused by cyber-attacks, extend far beyond corporate boardrooms or balance sheets to cause mass disruption across our society, impacting utilities and even food and medical supply chains. In fact, as per a recent study by India’s Computer Emergency Response Team (CERT-In), cyber-attacks in India rose by almost 300% in 2020 as compared to 2019. Keeping this in mind, if businesses have learned something from the events of 2020, it’s that we need to be ready for anything.
Living at the edge
Currently, while the rate at which incidents of cyber-attacks are occurring is a growing concern, their implication on business operations are even more fearsome. As per the Global Data Protection Index 2021,68% of the businesses in India are concerned their existing data protection measures may not be sufficient to cope with malware and ransomware threats. They are low on confidence with respect to the protection and recovery of their mission critical data in the event of a destructive cyber-attack.
The proliferation of cyber threats, the growth of multi-cloud computing, the distribution of traditional and cloud-native workloads across edge, core and cloud environments, etc. have converged to create a perfect storm of IT complexity. The increase of remote work has only exacerbated these challenges even further. It is not surprising to note that, the report also states that 74% of Indian businesses have witnessed increased exposure to data loss from cyber threats with the growth of employees working from home.
Need for a cyber-recovery strategy
The complexity caused by the scope and scale of data protection and the attack surfaces for cyber threats is dramatically increasing. For instance, cyber resiliency requires multiple layers of protection to ensure that critical data is protected and isolated from these attack surfaces. Similarly, constantly and effectively protecting cloud-native applications as well as multiple public cloud environments can lead to modern data protection complexities.
As mentioned above, more than half of the businesses in India don’t believe that their current data protection solutions have the power to steer clear of any threats that may come their way in the future. Further adding on to this, as we continue to see an increase in the amount of data being generated and a rise in the adoption of emerging technologies like AI/ML and IoT, such businesses will come face-to-face with even more challenging data protection obstacles. Hence, establishing a holistic cyber recovery strategy to identify, protect, detect, respond and recover from ransomware and other cyberattacks needs to become a top priority for businesses.
Cyber Recovery distinguishes itself from traditional backup and Disaster Recovery (DR) in several ways. It provides additional layers of physical and logical security at both the solution, system and data/file level to ensure critical data can be preserved with integrity, confidentiality and ensures it is available when needed for recovery. It is more focused on protecting and isolating critical data away from cyber threats and attack surfaces, within a secure immutable data vault. It then enables the recovery of that data vault when and if necessary. Cyber Recovery goes beyond DR plans by addressing the cyber threat to critical data but at the same time complementing DR plans which protect against other outages.
The road ahead
Hackers and cyber-criminals are constantly on the look-out for new methods of entry, one of which is below the PC operating system. Usually, low-level attacks take advantage of weak system configurations and firmware vulnerabilities. While many of these attacks may not be as sensational as ransomware, they can be even more devastating. Hence, being confident in the businesses’ ability to recover from a disruptive cyber event will be a key enabler in building cyber resilience for the future.
The article has been written Ripu Bajwa, Director and General Manager, Data Protection Solutions, Dell Technologies, India