Cyber Resiliency: Protecting Critical Data to Protect Your Business

The rise in volume – and value – of data makes it a prime target for cyberattackers. It’s a critical business asset.

As the average number of cyberattacks per company has risen 31%, the legal and financial consequences of such attacks have increased as well. The result is that, even as IT security budgets and investments grow, organizations are not feeling any more confident in their ability to protect against a malicious breach. The majority of respondents (81%) in the most recent Accenture State of Cybersecurity Report (81%) stated that staying ahead of attackers is a constant battle. At the same time, 78% said that they don’t know how or when a cybersecurity incident will affect their organizations.

The rise in volume – and value – of data makes it a prime target for cyberattackers. It’s a critical business asset and cybercriminals recognize that accessing data has tremendous financial upside for them…and an enormous downside for the compromised business. Once they gain access to your data, attackers can:

    • Remove access by encrypting it with a key
    • Attack data protection techniques to make sure that all restore capabilities are deleted
    • Hold it ransom until payment demands are met
    • Permanently delete data
    • Sell data on the dark web
    • Use the information to expose trade secrets or for corporate espionage

The consequences of an attack don’t just impact the business that is breached. Customers and partners can have confidential data stolen or breached as well.

Protecting Your Business Starts with Protecting Your Data

Often, cybersecurity and cyber resiliency are used interchangeably. There is, however, a very important difference. Cybersecurity includes the strategies and tools you put in place to identify or prevent the malicious activity that leads to a data breach. Cyber resiliency, on the other hand, is a strategy to mitigate the impacts of cyberattacks and resume operations after systems or data have been compromised. While cybersecurity solutions are focused on protecting systems and networks from malicious attacks, cyber resiliency helps ensure that damage from attacks is minimized.

When it comes to securing the enterprise, most IT security investments are at the network and application layers. By its very nature, cyber resiliency requires addressing the areas of your business where a cyberevent or incident can do the most damage – naturally, that involves your data.

Cyber resiliency at the data layer requires:

    • Data isolation: Network separation is a critical component of cyber resiliency because this is the last defense at the data layer.
    • Intelligent detection: Monitoring your data access for suspicious activity puts you a step ahead of attackers by limiting the damage.
    • Rapid recovery: The faster you can recover data, the faster your business can be operating at the level it was at before an attack.

The most effective cyber resiliency strategies involve using best practices involved in protecting data. This includes ensuring the right level of access controls, immutable copies of data, anti-virus and anti-malware.

Cyber resiliency, and cyber recovery, are also different from disaster recovery (DR), and disaster recovery alone is not enough to ensure resiliency. When attackers target systems, data and backups they seek to encrypt the backup catalog in addition to the systems and data. DR is online and not isolated to the degree a cyber vault is, and therefore it is vulnerable to these attacks as well. Once the data, systems and backups in production and DR are compromised, the environment is unrecoverable. If the systems are not available and there is no way to recover them, then you have a significant data breach and potential data loss incident. Cyber recovery is different because it is isolated and unchangeable data, allowing you to perform recovery when the DR location has been breached and infected.

In addition, without a cyber recovery vault it takes significant time to start recovering the last backups – and you don’t know if they are good or not. There may be many unsuccessful attempts at trying to find good data before getting even some partial success. This is a very long, labor intense and iterative process that is very costly. And even after you are able to recover, you will need to figure out a way to eradicate the infection or confirm it does not exist upon restart. A cyber recovery solution solves these challenges by providing analytics and forensics to quickly determine the last known good, trusted copies to recover. Unlike disaster recovery, cyber recovery provides automated recovery operations to aid in dramatically minimizing the impact of the attack.

Dell Unstructured Data Solutions – Storage for the Cyber Resilient Enterprise

Dell Unstructured Data Solutions (UDS) enable cyber-protection and recovery solution by acting at the data layer to boost the overall cyber resiliency of business operations that depend on data. With Dell UDS, organizations gain significant advantages to minimize cyberattack risks related to data integrity and availability.

    • Provides an isolated and operational airgapped copy of data
    • Protects from insider attacks
    • Creates unchangeable data
    • Performs analytics and machines learning to identify and detect
    • Quickly initiates recovery of trusted data

In addition to these capabilities, Ransomware Defender offers the protection of last resort, which is a copy of the data in a cyber vault that is isolated from the production environment. After the initial replication of data to the cyber vault, an airgap is maintained between the production environment and the vault copy. Any further incremental replication is done only intermittently by closing the airgap after ensuring there are no known events that indicate a security breach on the production site. Defender is a highly scalable real-time event processing solution that provides user behavior analytics to detect and halt a ransomware attack on business-critical data stored on Dell Technologies PowerScale storage clusters.

With Dell Superna AirGap customers get vault isolation for the highest level of data security by building on the security of AirGap Basic. It includes components of both Ransomware Defender and Eyeglass to ensure the secure transfer of data and the network isolation of the vault PowerScale cluster.

With Dell Unstructured Data Storage (UDS) solutions, enterprise firms can leverage a portfolio that meets the performance, scalability, and security demands of cyber resiliency. In addition to solutions with scale out architecture to enable high bandwidth, high concurrency and high performance with all flash options, UDS is uniquely suited for cyber resiliency:

    • Recover 1 PB of data in a few hours. No other vault storage, on-prem or cloud, comes close to PowerScale’s data recovery speed.
    • Immutability with worm lock. Data immutability makes sure attackers cannot alter or delete data.
    • AI powered threat detection. Monitoring production data and alerting of suspicious activity puts IT a step ahead of attackers.
    • Scalable to multiple clusters. Single pane of glass for threat detection and data isolation protects multiple PowerScale clusters.

Discover how Dell UDS helps customers boost the cyber resiliency of unstructured data by providing comprehensive capabilities to protect data, detect attack events in real-time and recover from cyberattacks. Contact your local Channel or UDS manager for more information.

Louie Correa

About the Author: Louie Correa

Louie Correa is a Chief Technical Officer (CTO) of the Unstructured Data Solutions team with Dell Global Channel. In this role, he is accountable for the company's strategy, formulation, development, and cross-functional delivery of the Unstructured Data portfolio. Prior to his role leading the Unstructured Data channel team, Louie was the lead architect for the Unstructured Data solution team across many segment lines of customers, including media & entertainment, e-Discovery, life science, and security to name a few. He is a results-driven leader with a comprehensive background in managing large geographically dispersed strategic accounts, including experience working with operations teams to implement best practices and planning for critical projects across diverse industries. He has a proven ability to identify best-fit vendors and technology solutions, as well as being capable of facilitating communication between technology and business groups. He excels in a demanding, fast-paced environment. Louie's previous positions before joining ISILON/DELL include Director of IT at one of the leaders in e-Discovery firms in the Americas. With functional oversight of the day-to-day operation of the IT groups within the organization. Prior to this role, Louie was accountable for the technical oversight of one of the top talent agency firms in Los Angles as a director of IT. Louie held numerous leadership roles in engineering and operation, including lead architect, SR System Engineer at City National Bank. Louie is a proven leader with more than 22 years of experience in managing diverse product portfolios and strategies and working closely with channel partners to drive product innovation.