Cyber security is a key aspect of modern businesses; As the use of technology grows within an organisation, it begins to form part of core strategies, often influencing how critical tasks are done and how critical data is managed and protected. It has become prevalent to ensure that this data is protected from external threats looking to disrupt systems, extort profit and/or cause downtime.
The Cyber-security industry is a landscape having to adapt to the world around it, with Innovative technologies creating new opportunities for cyber-criminals to take advantage. The cyber-security industry must ensure that the methods used to protect, and secure data are kept up to date and are always evolving to stay one step ahead of cyber-criminals. It is important however, to ensure that traditional methods of data protection are kept in place such as backup.
Why is cyber-security important?
Put simply, cyber security should be a top priority for IT teams. The main goal of cyber security is to ensure that business data and systems are kept protected from threats that would result in downtime and a denial of service. One of the simplest ways to ensure that there is minimised downtime is through the implementation of a Business Continuity Plan. A Business Continuity Plan, commonly referred to as BCP, is a high-level plan detailing what approach you should take in an emergency and includes members of the Emergency Response Team and the communications plan.
The BCP is high-level enough that it doesn’t require regular changes, as most of the day-to-day changes probably appear in the Disaster Recovery Plan. The Disaster Recovery (DR) Plan is a more detailed recovery plan that usually includes technical recovery processes for each critical system in the infrastructure; commonly used in tandem with a BCP.
Cost of not valuing cyber-security?
Not valuing cyber security can be a costly decision for businesses. The price of a cyber-attack can vary significantly depending on the kind of attack, it is increasingly common that attacks are well planned in advance and one of the costliest aspects can be the downtime caused. With ransomware so popular among cyber-criminals, organisations are at risk of having to pay ransoms that could be anywhere from $300 to $1,000,000 (usually paid in Bitcoin). Ransomware can be protected against and the risks mitigated, but it can strike at any time and by the time it does, it could be too late.
When British Airways had a data centre outage in late May 2017, the knock-on effects were felt globally. Hundreds of flights were affected across some of the busiest airports in the world after power was lost at a facility running BA’s primary servers and backup generators did not kick in correctly. Having affected in the region of 75,000 customers, the compensation due to be paid by BA was estimated to be over £100 million; a costly mistake for not having a properly planned, tested and enforced plan for dealing with a power outage.
While it is unlikely that most organisations would ever have to pay out hundreds of millions of pounds in compensation, downtime can stop customers being able to order products, fulfil a service or contact customer support, leading to a negative experience. In a competitive industry this could be the difference between keeping a customer or losing them to a competitor.
The threat level within different organisations will be different and cyber-criminals have shown they have ability to change the way they target organisations based on industry, often a decision made to increase the effectiveness or profitability of an attack. While industries such as healthcare and education have seen large numbers of attacks, mostly ransomware, industries such as finance and technology are also at high risk due to the sensitive nature of data they hold.
Being able to analyse risk across different areas of an organisation is one step in being able to protect against an attack. In a recent report by cyber-security firm RedSeal, it was found that 55% of respondents did not feel they were able to react quickly enough if under cyber-attack. This suggests that on an organisation level, there is either a lack of planning for cyber-security breaches or a lack of visibility meaning they would not spot an attack quickly enough. Further to this, only 25% of respondents had done a cyber-security test in the last 12 months. With so few, actively testing systems and plans, it is not particularly surprising that only 1 in 5 respondents was confident that their organisation had the ability to get back up and running in the event of a cyber-security disaster.
Recovering from a cyber-attack
Cyber-attacks come in many forms, one of the most common is malware in the forms of Ransomware. Ransomware attacks have become well publicised following a number of large-scale attacks that have affected countless organisations and made headline news. The WannaCry attack in May was such an attack, causing mayhem when in just 3 days it affected over 150,000 organisations in countries across the globe, encrypting data and rendering it useless.
In the aftermath of the WannaCry attack, Redstor enabled hundreds of organisations to recover data from their secure, off-site backups mitigating the need to pay a ransom and ensuring the safe return of their data.