Across industries and among organizations of every size, cyberattacks are on the rise.
For instance, Kenya’s Communication Authority revealed that in the year 2021, cybercrimes in the country rose by over 50 percent in the fourth quarter from 35.1 million in 2020 to 56.2 million threats in 2021.
As a result of the increased digital transformation witnessed in various sectors in the country, the financial sector, and the mobile banking sector have been ranked as the top targets by cybercriminals. A report by the Credit Reporting agency revealed that banks in Kenya are witnessing losses of over $121 million every year to fraudsters through identity theft.
The Dell Technologies Global Data Protection Index 2022 reported that in the past year, cyberattacks accounted for 48% of all disasters (up from 37% in 2021), leading to all other causes of data disruption. The survey also revealed 85% of organizations using multiple data protection vendors see a benefit in reducing their number of vendors.
Furthermore, it revealed that organizations using a single data protection vendor incurred 34% less cost recovering from cyberattacks or other cyber incidents than those who used multiple vendors.
To create a more cyber-resilient approach to data protection, businesses can modernize and automate their recovery and business continuity strategies and leverage the latest intelligent tools to detect and defend against cyber threats.
Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor –
Robust cyber resilience for financial institutions’ most critical data
Dell Technologies is the first technology solution provider to join the Sheltered Harbor Alliance Partner Program. The solution is based upon the Dell PowerProtect Cyber Recovery solution, a market leader with an almost five-year history of protecting organizations’ most critical data.
Here are five components of a proven and modern cyber recovery strategy:
- Automated Data Vaults
Cyber resilience cannot be achieved without a major component – the Cyber Recovery Vault. It offers multiple layers of protection to provide resilience against cyberattacks even from an insider threat. It moves critical data away from the attack surface, physically isolating it within a protected part of the data center, and requires separate security credentials and multifactor authentication for access.
Additional safeguards include an automated operational air gap to provide network isolation and eliminate management interfaces that could be compromised. If a cyberattack occurs, you can quickly identify a clean copy of your data, recover your critical systems and get your business back up and running.
Data vaults have been used to great effect among public and private sector organizations. These companies often use them to securely store updated copies of their most critical data and applications. If a ransomware or data destruction attack impacts data and applications in the main production environments, the threat actors still cannot access the contents of the data vault. Post-attack, as part of the incident response and recovery process, clean copies of data and applications stored in the data vault are used to restore the production environment.
- Data Isolation and Governance
Similarly, ensuring an isolated data center environment that is disconnected from corporate and backup networks and restricted from users other than those with proper clearance is another method for ensuring a water-tight cyber recovery strategy. By isolating critical data, identifying suspicious activity, and accelerating data recovery, enterprises can more easily achieve cyber resilience with this approach.
- Intelligent Analytics and Tools
Additionally, machine learning and full-content indexing with powerful analytics within the safety of the vault are effective tools for detecting threats. This also includes automated integrity checks to determine whether data has been impacted by malware and tools to support remediation if needed.
- Recovery and Remediation
If an incident has indeed taken place remediation consists of workflows and tools that perform recovery by using dynamic restore processes and existing data recovery procedures to bring business-critical systems back online quickly and with confidence. This must also include a comprehensive methodology for protecting data, as well as performing damage assessments and forensics to provide an organization with the confident and most reliable path to recovery of business-critical systems.
- Solution Planning and Design
Finally, expert guidance and services can help organizations determine which business-critical systems need protection and can create dependency maps for associated applications and services, as well as the infrastructure needed to recover them. For example, Zero Trust is a cybersecurity model that shifts how organizations approach security from relying solely on perimeter defenses to a proactive strategy that only allows known good activity across ecosystems and data pipelines. It allows organizations to better align their cybersecurity strategy across the data center, clouds, and at the edge. Such services also generate recovery requirements and design alternatives, while identifying the technologies to analyze, host and protect data, along with a business case and implementation timeline.
Cyber resilience requires a multi-layered approach to cybersecurity. In addition to advanced threat protection and security training for employees, a strong cyber recovery strategy can promote cyber resilience by protecting backup systems from corruption and enabling fast recovery of business-critical systems, applications, and operations after an attack. In short, Cyber Resiliency is a strategy that incorporates people, processes, and technology into a holistic framework that protects an entire business, organization, or entity. This strategy allows businesses to prepare for and recover rapidly from disruptions caused by cyberattacks.
Author: Wycliffe Selebwa, Country Leader, Dell Technologies, Kenya