The world events of the past weeks have given us a clear view of what not having a plan looks like. We are learning that current infrastructures cannot support a pandemic the likes of what we’re currently living through and we’re managing it in crisis mode. Learning this lesson came at a great cost, but it is challenging us to rethink our preparedness. As I sit here on a stay indoor order from our local leadership and doing my due diligence to protect myself and others, I can’t help but draw parallels (being in the technology space) from these life-altering events to digital cyber-criminal events that are occurring right now as I write this. In my last blog, I wrote about the importance of testing your IT network and pointed out some strategies to use to ensure you are well prepared should ransomware or other cyber-attacks infiltrate your datacenter and cause irreparable damage. In this blog, I want to discuss – no, stress once again the importance of testing your backup strategies and business continuity plans.
Training & Preparedness
With a lot of the workforce working remotely, it is crucial that employees are trained to be alert to activity that targets regular users like you and me – watch out for those coronavirus emails that are being used as bait by phishers! There are sites that are using COVID-19 and Coronavirus as a lure to make victims ‘click the link’. Paul Chichester, Director of Operations at the NCSC, said: “We know that cybercriminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak.
Time and time again we’ve heard that cyber-attacks come in different forms such as data breaches, ransomware, phishing campaigns, and even some advanced hacking attacks. Investing in an excellent cybersecurity software plus employee training will play a major role in averting a disaster. Persistent criminals will take advantage of the opportunity to infiltrate your network via the various forms of cyber-attacks so let’s learn from previous incidents causing millions of dollars in damage (see previous blog – link) and avoid the same fate as best we can. Just last week, a report on the NCSC site stated that a global network of bots was brought down and dismantled. These criminals are believed to have infected more than nine million computers worldwide. https://www.ncsc.gov.uk/report/weekly-threat-report-13th-march-2020
The right mix of technology
Let’s start by asking the right questions. First, asses your cyber risk. Check out the NCSC website for guidance https://www.ncsc.gov.uk/collection/risk-management-collection/essential-topics . Is your organization prepared to weather a cyber-attack? Is your network not only protected but resilient and able to predictably recover stolen, encrypted or lost data? What are the RPO/RTO’s that need to be met, and can they be met with your current data protection technology? If your network backup copies are compromised, do you have a copy offline and air-gapped? These and many more questions need to be asked to ensure that whatever data protection solution you choose, test your Business Continuity (BC) and Disaster Recovery (DR) to understand efficiency resiliency and predictability so you have the peace of mind that your data is protected.
The experts, highly recommended that you apply the time-tested best practice rule of 3-2-1-1 rule to be safe. Have both disk and tape to ensure a reliable copy is available when you need it. Whether you use cloud or hardware on-prem, be it fast performance technology to quickly process your hot data to cold storage technologies for long-term storage – the most cost-effective way to tier-off your data as it shifts in value is to leverage the different technologies that are available. Here is an example from Quantum with DXi and object storage for enterprise backup where cost-effectiveness, scalability, and management of unstructured data is of extreme importance.
All these technologies combined will help you meet your RPO/RTO’s but in addition, should you need to call on your backup copy for any reason and your copy on spinning disk is compromised, your insurance will be the copy that is offline and air-gapped.
If we knew when disaster will strike, everyone would prepare. The reality is we never know. Test and practice your response to a cyber-attack. Whether you are small or large organizations, testing your resiliency is critical. Create practice scenarios in a safe environment where you can test your network and backup strategies, there are plenty of online help tools available if you’re organization does not have IT, professionals, to handle this type of exercise. Be prepared to handle a crisis scenario. If you’re in the public sector and funds are tight, leverage organizations like NCSC with their exercise in a box tool to practice your response https://www.ncsc.gov.uk/information/exercise-in-a-box .
These times call on us to provide you, the IT professional with all the tools and necessary information to help you make the best decision for your organization. Crisis or no crisis preparedness is key!