Intelligent CISO Issue 37 | Page 21

In adopting an approach to cybersecurity and data protection based on recoverware concepts and products , CIOs take the view that it ’ s smarter and more logical to prepare to recover than to pay any ransom . of recovery . But with data now available , file servers can be reconstructed and files restored . With testing carried out , the organisation can then begin a return to business as usual .
cyber trends

In adopting an approach to cybersecurity and data protection based on recoverware concepts and products , CIOs take the view that it ’ s smarter and more logical to prepare to recover than to pay any ransom . of recovery . But with data now available , file servers can be reconstructed and files restored . With testing carried out , the organisation can then begin a return to business as usual .

Business leaders can then assess the full cost of downtime , lost revenue , potential compliance breaches , as well as the impact on company reputation and customer loyalty . For some , this process is so painful that it presents a very real existential threat to the business . For those hit by a major ransomware attack , full recovery is far from certain .
The new alternative
The recoverware alternative , in contrast , seeks to restrict data loss to a matter of seconds and limit recovery time to minutes . By selecting a recovery checkpoint immediately before the ransomware attack , IT teams then immediately recover , test and reconnect servers to the network . By assuming recovery will be required and by building it into the standard playbook for defeating a ransomware attack , IT leaders acquire a protection ‘ reflex ’ against the worst implications of a malware breach .
In adopting an approach to cybersecurity and data protection based on recoverware concepts and products , CIOs take the view that it ’ s smarter and more logical to prepare to recover than to pay any ransom . This is not an admission of defeat , but a pragmatic perspective that prevention strategies must go hand-in-hand with the ability to quickly move on from the impact of an attack and back to business as usual . u malware attack , not a last resort when all else fails .
Minimising the cost of downtime
Comparing approaches to dealing with ransomware helps to illustrate the recoverware process . In the traditional scenario , an organisation sees its network infected with the notorious CryptoLocker ransomware . As a result , all of its file servers become infected and their only recovery method is restoring from disk . In this situation , it ’ s not uncommon for the victim to experience hours ( or days ) of data loss , and many are unable to fully recover for several weeks .
The process is full of pitfalls . If , for instance , the organisation finds it is unable to restore any data from its disk backups , one option is to ship tape files to an outsourced data restoration specialist , with accompanying delay and additional cost . Even when data is then recovered , the recovery points may be different times with significant gaps , further complicating the challenge for IT teams and impacting the overall quality
www . intelligentciso . com
21