Barricade your organisation with 7 layers of data resilience

- Advertisement -

The data landscape has shifted.

For decades, organisations have relied on traditional backup and recovery methods to weather data centre disruptions. When power outages or natural disasters paralysed these facilities, they turned to replica sites to continue operations and, if necessary, retrieved their data from disk, tape, or cloud storage. Today, however, cyberattacks like ransomware pose a far more sophisticated and intentional threat, jeopardising data integrity and operational continuity.

This new reality demands a redefined approach to data resilience — one that surpasses conventional data protection and integrates proactive cyber readiness strategies.

Enterprises are now grappling with the consequences of cyberattacks like ransomware, which is projected to cause US$265 billion worth of global damage by 2031. Unlike natural disasters or hardware failures, these incidents involve attackers intentionally impeding successful recovery.

In Southeast Asia, there have been several recent high-profile cyberattacks. For example, Indonesia recently saw its national data centre compromised by Lockbit 3.0, disrupting immigration checks at airports and permanently losing population data. This breach affected 239 institutions, including 30 government ministries and agencies. With a reported 98% of data stored by the data centre not being backed up, recovery efforts were severely hampered.

Empowered by AI capable of writing code, cyberattacks are rapidly evolving. Ransomware also makes launching cyberattacks easier — even individuals without deep expertise can capture data and sell it on the dark web. Moreover, bad actors now target the configuration files of applications and the data sets necessary for recovery, making it harder to return to normal operations. Victims might ultimately succumb to paying a ransom as a desperate measure.

Sensitive data, such as personally identifiable information and payment details, is especially appealing to malicious actors. New data regulations are emerging, such as the European Union’s Digital Operational Resilience Act (DORA), which takes effect in January 2025. The Americas and APAC are expected to follow suit.

Navigating this new landscape is challenging, particularly when cybersecurity experts are costly, difficult to retain, and in short supply. The situation calls for a new approach to data resilience — one that integrates cyber readiness with conventional data protection.

There are seven critical layers to an adequate data resilience strategy for operational resilience:

  • Monitoring, posture assessment, testing, and incident response.
  • Anomaly detection and malware scanning.
  • Penetration testing, patching, upgrading, and DevSecOps.
  • Forensics and recovery in minutes.
  • Introducing a diverse partner ecosystem for compliance.
  • Efficient, dependable backup and recovery.
  • Reliable, secure, immutable infrastructure.

Begin with a posture assessment

Imagine a brokerage with an average downtime cost of US$5 million per hour. If it suffered a ransomware attack, could it endure being offline for a few weeks? The financial repercussions would be unimaginable. Furthermore, what would the regulatory fines amount to? How would this erode customer trust?

Instead of panicking, prepare your organisation before attacks happen. Enlist internal experts or collaborate with a trusted partner to assess the organisation’s cyber resilience, data protection, and overall operational resilience posture.

Introduce an independent voice

Addressing this broad remit requires acknowledging that no single team can identify all the issues. The network team might think the network is thriving, and the infrastructure team might believe the infrastructure is indestructible. However, without a comprehensive view, these assessments may miss critical vulnerabilities. Additionally, various teams may view the assessment process as an opportunity to acquire additional budget for their preferred initiatives.

Engaging an independent voice helps to generate a more accurate and unbiased assessment of the organisation’s operational resilience posture. An objective external party can better understand the current state, define goals, and make informed decisions around people, processes, and technology.

Accept that reactive technologies are inadequate

Reactive approaches may have been effective in the past, but a proactive approach is necessary in today’s world of frequent and increasingly sophisticated attacks.

Pivot to a posture where AI is used to spot anomalous activity and scan for malware. Utilise the power of automation to act, whether it’s notifying an administrator of anomalies or promptly isolating at-risk systems.

Address data resilience across the entire environment

The expansion of data and the widespread implementation of IoT, edge computing, and storage are expanding the attack surface. Securing the data centre with data resiliency, cyber readiness, and rapid recovery at scale is crucial where data — and all devices engaging with that data — exist. In today’s hybrid world, that’s everywhere.

As a result, ensuring data resilience becomes increasingly complex. It is essential to collaborate with a trusted professional who possesses the expertise to comprehend the ecosystem, people, processes, and technology in order to streamline the journey and provide consistent protection from edge to core to cloud.

Maintain a reliable, secure, immutable infrastructure

Most organisations have reliable backup and recovery systems in place. However, it is now vital to ensure a robust infrastructure defined by data immutability, consistent deployment processes, and fortified resilience against unexpected system failures.

By activating these capabilities, organisations can take immutable snapshots of their database environments, ensuring that data cannot be overwritten. With encryption active, reverting to previous versions during recovery becomes straightforward. Additionally, forensic capabilities that identify the correct recovery point before malware entered will significantly enhance recovery speed.

Resist the urge to throw the baby out with the bathwater

Consider ways to perform penetration testing, patching, and upgrading at scale without affecting the production environment. Effective data governance should include specifics about retention periods, access controls, and deletion schedules.

Although this may seem like an overwhelming task, organisations don’t need to rebuild from scratch. By collaborating with a reliable entity, organisations can identify substantial gaps, bring the right people to the table, and determine what is needed now and in the future to ensure appropriate data protection, security, compliance, and cyber resilience.