The dramatic shift to hybrid and remote working that followed the arrival of COVID is likely to prompt many IT managers to revisit and reconsider their business continuity and disaster recovery plans in 2022. Put simply, their organisations are not the same as they were before the pandemic struck and they may never be the same again.
The number of cyberattacks is on the rise, fuelled in large part by the prevalence of ransomware attacks. At the same time, the threat landscape has expanded significantly, increasing the potential vulnerability of the enterprise network through the large increase in remote endpoints.
The storm clouds are gathering
The menace of ransomware cannot be overstated. To gain a measure of the scale of the threat, SonicWall recently reported a 148% increase in global ransomware attacks in the third quarter of 2021. The company logged 470 million attacks during the first nine months of the year, warning that “2021 will be the most costly and dangerous year on record”.
SonicWall CEO Bill Conner claimed ransomware was “on a nearly unimaginable upward trend, which poses a major risk to businesses, service providers, governments and everyday citizens”.
Cyberattacks are not the only danger. Extreme weather events are another growing threat to the resilience and continuity of enterprises. A case in point is Storm Arwen, which caused significant disruption in the UK in November, leaving thousands of homes without electricity. In the wake of the storm, business secretary Kwasi Kwarteng described it as “an event the likes of which we haven’t seen for certainly 60 years since records started”.
But climate change is going to lead to even more frequent weather events, including storms, a reality acknowledged by Kwarteng when he warned the UK would “have to be prepared for similarly extreme, difficult weather conditions in the future”. Those ‘once in 60 years’ events are going to arrive far more frequently than they did before.
Getting the balance right
What can be done to increase the resilience of the organisation and ensure continuity in the event of an attack, extreme weather event or other form of disruption?
The first thing to accept is that, like weather events, attacks on an organisation’s infrastructure and threats to its data are inevitable. It’s no longer a question of ‘if’ but ‘when’. Defending against attacks and malware is still important, but protecting data, especially customer data, is becoming ever more critical in case an attack gets through. The same applies to extreme weather events. The integrity of the data needs to be protected and preserved from all threats and disruption.
By acknowledging the reality of increasing levels of threat, businesses can put together a more effective strategy to deal with it. There is an optimal level of security for all companies. They need a comprehensive security policy and to remove as many vulnerabilities as possible but there will always be gaps they cannot completely close.
A balance needs to be struck between security and continuity. This is especially true as organisations become more dispersed, with workers accessing the network and sharing data across a larger number of remote locations. IT spending is not limitless and security cannot be allowed to swallow up the IT budget.
The common consequence of cyberattacks, extreme weather events and other incidents is wide-ranging disruption to the business. For this reason, companies need to ensure data can be recovered and they can resume normal operations as quickly as possible after an attack or event. It is important to look at how to ensure continuity and minimise avoidable damage and loss.
Data replication is a minimum requirement to ensure any infected environment can be repaired and restarted while business continues. But it isn’t enough to protect against ransomware attackers who are starting to look for backup files to encrypt as well as live data.
This is why businesses need to consider scalable and flexible backup options with integrated encryption and cybersecurity policies to replicate and protect data across physical, virtual and cloud environments. In an ideal world, this would include built-in AI-based anti-ransomware technologies to prevent cybercriminals from exploiting OS or application security gaps.
An IaaS provider could be the solution
An integrated cyber protection process that keeps the entire distributed infrastructure safe – from data to applications to systems – is becoming a must-have.
But not many companies have infinite resources or time to invest in business continuity processes or infrastructure. This is where infrastructure-as-a-service (IaaS) providers with disaster-recovery-as-a-service (DRaaS) capabilities can deliver the reliability and recovery needed to prevent a disruption to operations.
IaaS providers can help minimise the potential for data loss thanks to multiple data centres across different geographies that maintain continuity of service even if one region experiences a loss of power. IaaS-hosted data centres can also include multiple layers of security that limit access to data, protect against physical attacks and keep servers safe from intruders.
But it is important to look for providers with a proven track record that can match the company’s security and continuity priorities. A joined-up approach will make it as difficult as possible for cybercriminals to cause damage, and it makes good business sense.
Companies that don’t view continuity as an essential part of security nearly always experience a worse outcome. Those that deny the reality that an attack could, at some point, succeed are also refusing to understand the importance of continuity in helping them to survive such an attack or disruptive event.
Organisations need to align their business continuity and cybersecurity approaches to ensure the measures in place – including system and data backup and recovery plans – are consistent. Cybersecurity, business continuity and disaster recovery go hand in hand, and an effective strategy needs to include them all.