Uniting cybersecurity and cyber storage resilience
Cybersecurity and cyber storage resilience are usually treated separately in the enterprise. This exposes a huge gap in creating a comprehensive enterprise cybersecurity strategy. But when they are trending together, they fill this critical gap that cyberattackers have been able to exploit. The exponential growth and intensity of cyber threats have escalated the need for cyber storage resilience to be part of every enterprise’s cybersecurity strategy. The debate about it is over. Now is the time for action.
Enterprises need to make sure they are fully securing their data, both at rest and in motion. With datastores moving between on-premises enterprise data centres and the public cloud in hybrid environments, security experts agree that it’s vital to invest in creating secure datastores for both primary data sets and for backup datasets that use immutable snapshots and air-gapping.
Cyberattacks have become a matter of life and death because of the mission-critical nature of data in the 21st century – and this is not hyperbole or exaggeration. Among the first deaths directly linked to a ransomware attack was the death of a woman reported in Germany in 2020. Because of the ransomware attack, a hospital was locked out of its system. The result was that the medical staff were unable to treat their patients. A woman in need of immediate medical attention was brought to the Emergency Room, but the doctors could not provide the urgent care she needed.
The patient had to be transported 20 miles away to another hospital that was still functioning. Unfortunately, she did not survive. Looking back, this realisation was a hard wake-up call: the hospital did not have the cyber resilience that could have neutralised the ransomware attack and had the whole system up and running in minutes.
The impact may not always be so drastic, although it can be in mission-critical situations, which large enterprises usually have. It could be an attack on a health system, a government body, a financial institution, a retailer, a utility, a large university, a pharmaceutical company or countless other types of organisations. The result may be significant lost revenues for a company, or a damaged reputation, or massive recovery costs, or chaos, or loss of trust – all of which can devastate any organisation. According to Cybersecurity Ventures, the global cost of cybercrime is predicted to reach $8tn USD in 2023, rising to $10.5tn by 2025.
Given these threats and the financial risks, it's important to understand what is trending – and what you need to know to be successful.
Trending #1 – baked-in cyber resilience
Enterprises and service providers are proactively deploying enterprise storage products that have intrinsic cyber storage resilience capabilities, such as rapid cyber recovery, immutable snaps, air-gapping, and fenced forensic environments, that complement and enhance the broader enterprise security strategies designed to protect data.
To facilitate rapid cyber recovery, copies of data, especially critical data, must be unalterable. Data integrity cannot be compromised while combatting a cyberattack.
Trending #2 – the onslaught of ransomware and malware
Also, trending is the expectation that more of the organisations that are not properly cyber secure will experience more cyberattacks in the months and years ahead, not fewer attacks. In fact, in 2022 cyberattacks reached an all-time high, according to research conducted by CheckPoint. Companies won’t just get hit once and then have years to recover. Hackers have become highly skilful at hiding malicious code. Attacks have become an onslaught that requires a different way of thinking about how both cybersecurity and enterprise storage can be better aligned.
The acceleration of digital transformation at many companies, institutions, and government agencies during the COVID pandemic from 2020 to 2022, coupled with the spike in remote working, has generated volumes of new targets for ransomware and malware. As a result, the size of demands, as well as the sheer volume of attacks, have increased exponentially in recent years.
Trending #3 - the automation
When it comes to automation, what’s trending is the use of machine learning-based automation to hone enterprise security infrastructures. CIOs and CISOs are increasingly looking to enterprise storage solutions that are not only AI/ML-friendly, but also have autonomous automation that makes the infrastructure smarter to nullify and/or recover from cyberattacks.
Autonomous automation allows an enterprise to deal with its massive amounts of data that are simply too much for human beings to handle alone. This has ramifications for security. The adoption of these more sophisticated tools will only increase over time.
While ML-based automation is definitely an area that enterprises need to fully utilise, cybercriminals are simultaneously also using AI/ML to automate their cyberattacks. They are using various model stealing and data-poisoning techniques. Metaphorically and literally, there is a battle underway of corporate automation vs. criminal automation on the security front.
The complementary combination of cybersecurity and cyber resilient storage is so vast that it’s not a matter for one company alone to address. It may start with an IT solutions provider working with the information technology team within an enterprise to bridge the two worlds of security and enterprise storage. In this way the security capabilities are identified together with the solutions needed to deliver these required capabilities.
For cyber resilience to be integrated as part of a larger cybersecurity solution, a cyber resilient storage architecture is needed to map to the broader data infrastructure.
This means including features like cyber recovery, air-gapping, fenced forensic environments in which to perform data forensic analysis and immutable snapshots – all weaved together in an enterprise storage system that is empowered by autonomous automation.
Enterprises need to develop expertise in combatting ransomware and malware, among a variety of cyberattacks, through both primary storage and secondary storage that is second to none. For further reassurance, they also need vendors to provide industry-first guarantees for cyber resilience on primary storage.
Enterprises and service providers don’t have to worry about delivering this without in-house expertise provided they identify the right storage and security partnership. The key to achieving all this is integration through APIs and a resilient data infrastructure ‘engine’.
Don’t settle for the following headline trending on social media: “Ransomware attack freezes and compromises the data of [insert your organisation’s name], forcing all operations to come to a halt.” Closely align your cybersecurity with cyber resilient storage to stay one step ahead of the hackers.