Cyberattacks have grown in magnitude and frequency since the onset of the COVID-19 pandemic. For instance, the healthcare, manufacturing, and finance industries saw an increase in cyberattacks at 200%, 300%, and 53%, respectively. In May, multinational insurance firm AXA was struck by a ransomware attack in its Asia division. Earlier this month, burger chain giant McDonald’s reported a data breach in several of their markets.
This surge has made cybersecurity firms and managed security service providers (MSSPs) particularly busy. One of the organisations promoting the need for cyber resilience is Datto, which provides cloud-based software and security products for managed service providers (MSPs). We recently got in touch with Ryan Weeks, Chief Information Security Officer at Datto, to discuss business continuity and cybersecurity.
What role does business continuity and disaster recovery play in cyber resilience?
Cyber resilience is achieved when a quality cybersecurity program intersects with strong incident response, and business continuity and disaster recovery (BCDR) readiness. You cannot be truly cyber resilient if you do not have effective BCDR planning, testing, and readiness. You are resilient when you are prepared for continuity incidents, which include ransomware incidents. Resilience includes being able to execute those plans efficiently and expeditiously.
How do larger geopolitical issues (e.g. the United States-China trade conflict) affect cybersecurity and cyber resilience? Are we in the midst of cyber war already?
This is just another scenario that we need to plan to be resilient for. There is certainly an arms race occurring to prepare for such an eventuality. That means we have a chance now to model what that will look like and how it might affect our businesses. The most likely scenario is that critical infrastructure that our business depends on may become unavailable. We should therefore have resilience plans for if the internet is taken out in certain regions, or power is unavailable for an extended period of time and such.
How can organisations build top quality cybersecurity teams amid this current cybersecurity talent shortage?
This answer will differ for each organisation. For some, they may have a hard time competing. They may choose to partner with a MSP or MSSP to assist them with security. Others may be able to build it in-house. They will need to determine which roles they are going to seek to be really attractive for, and which ones they want to find high potential entry-level talent for. You need to understand that, often, the largest talent pool you can pull from already exists within your organisation. Institutional knowledge is often overlooked for prior experience. I’ve found that with a quality plan to train folks, you can often get them productive and growing quickly, and their institutional knowledge compensates for academic or experiential knowledge.
Out of the many possible disciplines to specialise in IT, you focused on security. What is it about your discipline that sparked your interest?
For as long as I can remember, I’ve been interested in the things I could do with computers and networks that were not expected. I liked figuring those things out, and then figuring out how I could prevent those things from happening to me. I was also exposed at a young age to someone that managed network security as a service provider. He let me observe what he did and I knew then and there that was what I wanted to do for a living and I’ve never regretted it.
What made you move to Datto?
I was attracted to Datto as they had a very strong company culture and a palpable desire to improve information security for them and their customers, who we call partners. There was a broad opportunity to build something differentiated and special from the ground up, in order to ultimately help MSP partners improve their security and, by proxy, improve the security of small and medium businesses. It’s been the ride of a lifetime that I’m privileged to still be on. I’m as energetic about the role and responsibility today as I was from the start.
How has the cybersecurity industry changed since 2006 when you entered the field?
The threat landscape has changed substantially, and how we consume technology has dramatically shifted. The most interesting thing that I find is that despite these changes, most of what we do goes back to the same fundamentals. It may require a different approach depending on your threat profile and technology stack, but the same building blocks are still highly effective when implemented comprehensively.