The COVID-19 pandemic accelerating the pace of digital transformation across verticals has been well documented. Businesses embraced cloud and adopted digital technology as they transitioned to remote working and distributed operations. Much of these changes are embedded in the businesses’ IT infrastructure and core systems, and have brought about advancement that would otherwise have required at least a couple of years to plan and roll out.
The cyberthreat landscape has also evolved rapidly over the last two years, and the attack surface area with businesses has increased tenfold with distributed endpoint devices outside the physical office, more team collaboration tools, and reduced physical oversight over critical IT infrastructure. These changes have obviously exposed businesses and their critical data to new levels of risks.
To mitigate these risks, businesses need to set a new precedent for data management in the new work environment, such as an effective data protection strategy built on solid business foundations. Here are three key factors that enterprise leaders must consider in their data protection strategy.
Raising risk awareness
Data is the currency of the digitalised world, and its importance in today’s business landscape cannot be overestimated. Organisations need to protect this critical data, and those that lack a “risk-aware” culture are prone to accidental risks that can compromise privacy and data security.
Humans are often the weakest link in a business’ cybersecurity posture. A recent report from Infoblox revealed that phishing attacks, mainly social engineering attacks whereby attackers often deceive victims by masquerading as a trusted entity or contact, accounted for 68% of data breaches reported in Singapore over the past 12 months.
Another common issue with victims is the use of connected or storage devices without mandating basic security requirements like encryption. Such low-risk awareness creates vulnerabilities that can lead to a serious data breach.
Businesses need to inculcate a high level of risk awareness across all departments. This means that decisions — from procurement of devices to significant solutions such as ransomware detection and cloud data management – are made with risk awareness in mind. This mindset will set the foundation for a business-wide data management strategy from the ground up.
Safeguarding customer trust
There has also been a spike in ransomware attacks globally over the last two years. In the Asia-Pacific and Japan region, businesses experienced over 1,200 weekly ransomware attacks.
The impact of ransomware attacks and data breaches to businesses can be more than financial as they may also damage corporate reputation. Trust is key in business, and the reputational damage from a cyberattack can take an immediate toll with more consequences in the long run for the affected companies.
In view of this, effective data backups and recovery systems are not just good to have but are critical cybersecurity and data protection measures. Also, regularly assessing, testing, and evaluating cybersecurity processes must be part of a business’ cybersecurity playbook.
Additionally, IT teams need to immediately conduct expert forensics, as soon as a breach is detected, to determine the scope and nature of the incident. These findings can be used to not only plug the breach but also to be studied to further enhance data management strategy.
A plan of defence
How well enterprises protect, manage, and leverage data as a critical asset will decide who will thrive in a post-pandemic world. A 2021 survey by Cloudera found that firms with mature enterprise data strategies in place for at least 12 months saw a higher average profit growth of 5.97%, with close to two-thirds (64%) reporting stronger levels of resiliency.
To get the most out of their data, businesses should consider data management solutions like data protection as a service (DPaaS) as a key aspect of their data management strategy. These must be highly scalable and deployable within minutes, allowing enterprises to immediately begin protecting their environment with backups, and at-rest or in-flight encryption.
Such DPaaS solutions should also have built-in anomaly detection that provides a real-time monitoring environment, allowing for IT teams to instant respond to unusual behaviour. They can also provide robust data isolation, air-gapping data backups as a best practice for risk mitigation.
In today’s growing complex data environment, businesses must reimagine their data management policies to thrive in a rapidly evolving threat landscape and be in an ever-ready data preparedness state. For business leaders to take the weight off ransomware and data breaches, it is time to adopt a holistic data management mindset and put on an inside-out security approach to strengthen their core capabilities and build an agile and intelligent data driven organisation.