During these extraordinary times wherein the world is fighting against the deadly COVID-19 pandemic, other issues like the threat of a catastrophic cyber-attack has fast mushroomed along with it. As business leaders come face to face with rising cyber-attack cases being reported, the need to be prepared with better data and cyber security solutions rises.
The World Economic Forum’s Global Risks Report 2020 ranks cyber-attacks as the second risk of greatest concern to businesses in the coming decade. As the tools of the Darknet become more sophisticated and accessible, cyber-attacks are increasingly borderless – taking advantage of jurisdictional constraints of regional authorities. According to an industry research by Frost & Sullivan, 46% of Indian organizations that are in the process of digital transformation have encountered a security incident in the year 2019 . In fact, as per another industry report, India witnessed two to three times increase in the number of cyber-attack incidents, during its lockdown phase . We’re seeing more and more large-scale data loss and the rise of ransomware attacks – so business resiliency planning is key to business survival.
Why medium-sized businesses must act
Reacting in real-time to a cyber-attack is already too late. Managing the risk requires agility, meticulous alignment across the business and testing to maintain awareness – it’s about being proactive rather than reactive. Cyber resilience is more important than ever as medium-sized businesses assess their risk of being attacked, whether at the hands of criminals or as collateral damage in cyber warfare. Any data loss can put the nails in the coffin for unprepared businesses. While today’s business leaders may hope to evade the hit-list, it is a matter of ‘when not if’.
Defending against catastrophic data loss
Defending a medium-sized business from the worst-case scenario, mission-critical data loss, requires cyber security expertise and a holistic approach to resilience. Awareness needs to be built across the business – this is not just a tech problem. Synergy between technology and business processes is where true resiliency is attained. Leaning on cyber experts when it comes to planning and implementation will help businesses to identify key applications, recovery times and objectives.
Every arm of the business needs to understand where their most sensitive data and services sit and the level of risk around them. To understand the level of risk an agile approach is needed, because risk changes along with the business landscape. For this reason, regular scans and analysis of the internal landscape are essential to understand these changes and the impact.
Protecting a huge portfolio of assets is not easy, especially as it expands. But every business must understand what its DNA is – that’s the critical 10-15 percent of data that must be protected at all costs. This is the life-blood of an organisation and, in the event of a cyber-attack, is the difference between its life and death. It is business critical and must be decided upon with a holistic view. For some, this can often lead to analysis paralysis – the desire to save it all. In the same way that we would only carry our most essential belongings from a burning home, businesses must decide upon their most prized data so that it can be protected and used to recover the business in the aftermath
The good news is, this process can be simplified by data protection and cyber-security services that enable organisations to establish policy-driven automated workflows to move business critical data into an isolated environment and lock it down in less than five steps. This is called a cyber-vault, the ultimate protection for a business’ DNA. In the event of an attack, this data will help businesses to recover. When responding to cyber incidents and working to bring critical systems and data back online, accuracy and simplicity matter. A cyber recovery plan must be fully integrated within the business and align with its cloud strategy over the following five years.
Businesses are increasingly aware of the dangers of a cyber-attack, but they need to truly invest in cyber resilience in order to shore up the gaps in the ever-changing business environment – and cyber-security expertise is vital. The clock is ticking, it’s not a matter of if, but when and businesses need to be prepared.