Cyber attackers are evolving in complexity and sophistication at an unprecedented rate – catalysed by COVID-19. Increasingly, more destructive modes of attacks, such as island-hopping, have emerged over the past year. These have also led to high-profile breaches, especially over the past few months, with the threat of more on the horizon.
ACSC reported 59,806 cyber crimes between July 2019 and June 2020, and the Australian Bureau of Statistics reported that one in three data breaches (35 per cent) in Australia are due to human error, steadily climbing since early 2020.
Major cyber attacks, including ransomware, have the potential to kneecap the operations of business. The stakes are high – with potentially sensitive data or essential operations at risk, companies need to be prepared for inevitable attacks.
As the threat landscape continues to evolve, resiliency will be central to businesses succeeding in the new normal. According to IDC, organisations focused on digital resiliency will be able to adapt to disruption 50 per cent faster than those that focus on restoring existing business and IT resiliency levels in 2022.
Managing the intangible
In our increasingly digital world, it is not an organisation's physical assets that catch the eye of cyber criminals. When cyber attackers take aim, the main target is usually data – the lifeblood of business. Data and workloads are generated and moving from on-prem, to the cloud and back again across the company, creating a multi-generational data sprawl daily. Hence, it is essential that companies have a complete and updated overview of their data.
Commvault research, conducted by Tech Research Asia, surveyed 280 businesses in Australia and New Zealand and found that 60 per cent of companies in ANZ reported being targeted by a cyber security attack in the last 12 months, with production data the primary target. With only 20 per cent of companies that were subject to a cyber security attack in 2020 not losing any of their data, being able to get operations running again is critical.
Defining policies and standards on data management is critical to surviving an attack. Properly classify data based on how critical or sensitive it is enables companies to prepare recovery protocols that restore systems in order of operational impact to get people back online and operational as efficiently as possible.
Unfortunately, the exposure to a breach or an attack seems to be an eventuality for most organisations. In such a situation, maintaining system availability will be key to keeping up operational capabilities. Resilience must be an integral part of businesses data management. A backup and recovery plan for classified, essential and sensitive data is necessary for organisations to quickly mitigate a cyber attack. Such a plan is also important for regulatory and compliance requirements.
Taking a layered approach to securing data, such as immutable backups and air-gapping, also helps ward against malicious threats. To achieve this, businesses can explore backup-as-a-service (BaaS) options for backup, recovery, and data protection to preserve an airtight virtual copy of their data in the cloud. A cloud-based backup and recovery can help organisations manage compliance, scale when needed, and to manage increasing data costs. BaaS is perfect, as it can be moved from the traditional capex to opex immediately without infrastructure.
Furthermore, businesses will do well to maintain a state of recovery readiness and be regularly monitoring and evaluating their processes. Regular threat-hunting, vulnerability assessments, and penetration testing should be part of the cybersecurity roundup. Besides that, IT teams need to ensure redundancy in all essential, high availability IT systems.
Lastly, organisations must have a plan ready for when disaster strikes. When data is compromised, such as through ransomware, disaster recovery is essential to reducing breach impact and resuming normal business operations.
David Rajkovic is the Commvault area vice president of Australia and New Zealand.