Intelligent CISO Issue 49 | Page 29

From my experience , around 80 % of organisations either haven ’ t backed up their data or don ’ t do it regularly enough .
Another reason that backing up can be overlooked is a misconception that it ’ s purely a data centre issue , but it must also be treated as a part of a well-rounded security strategy . www . intelligentciso . com

? editor ’ s question see many cases

I where backups are not being carried out effectively , if at all . From my experience , around 80 % of organisations either haven ’ t backed up their data or don ’ t do it regularly enough . This is alarming because if these companies experience a data breach , the impact could be hugely damaging . Backups are often the last line of defence against cyberattacks , if you can ’ t recover systems then backups offer a crucial lifeline .

From my experience , around 80 % of organisations either haven ’ t backed up their data or don ’ t do it regularly enough .

The main reason I see for backup programs being neglected is cost . Financial and staff resources are required in order for regular , comprehensive backups to be completed and sometimes IT leaders will choose to focus these resources on other areas . The crucial tasks that need this investment include identifying where the most critical data is stored and making sure it is always included in backups . It ’ s also important that backed up data is regularly tested to check that it can be fully accessed without any problems . I rarely see this testing being carried out , so it ’ s definitely an area for improvement .
Another reason that backing up can be overlooked is a misconception that it ’ s purely a data centre issue , but it must also be treated as a part of a well-rounded security strategy . Every organisation should have an initiative to improve and maintain cyber hygiene , in my view backing up should be part of this . The vast majority of data breaches that I see start with an avoidable incident that an improved level of cyber hygiene could help prevent . Even if a network does still become compromised , a good level of cyber hygiene can help minimise the impact . For example , if a ransomware attack encrypts an organisation ’ s data , it is in a much stronger position if data has been backed up .
Business leaders should be asking important questions such as ; in the event of a breach , is all of your critical
OLIVER CRONK , CHIEF ARCHITECT , EMEA AT TANIUM
data backed up and have you checked if it can be easily accessed ? Are we including backing up as part of our cyber hygiene efforts and security strategy ? If IT teams understand the importance of these areas and take ownership of them then they may prevent the organisation ’ s reputation from being severely damaged and a large sum of money being lost .

Another reason that backing up can be overlooked is a misconception that it ’ s purely a data centre issue , but it must also be treated as a part of a well-rounded security strategy . www . intelligentciso . com

29