In today’s digital world, 88% of organisations rate email availability as critical to their organisation, with more than half rating it as mission critical. Despite this, many organisations still struggle to quickly connect the dots between valuable attack data from their security investments. One successful email attack could shut-down an entire company, and hackers know it.
When moving to the cloud, organisations must think about their continuity plan. If things can go wrong, at some point they probably will go wrong. Whether it us due to an update that did not go to plan, environmental issues or connectivity problems, or even an attacker trying to take down the network, the potential for something to go wrong is significant.
To stay ahead of security risks such as this, organisations need to adopt a cyber resilience strategy that spans security, data protection and business continuity.
Improved security
The first stage of this is for organisations to implement layered security, as email security solutions that might have been adequate several years ago often lack features to protect against today’s modern attacks. This next generation technology should include cloud technology to ensure the network is always up to date, ready to protect against the latest and fast moving threats.
As part of this, businesses must ensure employees are trained appropriately. 91% of hacks begin with an email attack and training staff will ensure that if something does reach an Inbox, systems are not rendered useless. Training employees on what to look out for and what to do if they see an attack is vital.
“To stay ahead of security risks organisations need to adopt cyber resilience strategy that spans security, data protection, business continuity”
Data protection
As email moves to the cloud, organisations must consider how to appropriately protect their data, especially as employees continue to keep an increasing number of messages and attachments in their archive. Remembering that it is their data, and responsibility ultimately sits with them to safeguard it. This is especially important with the upcoming General Data Protection Regulation, which will fine businesses 4% of annual worldwide turnover or 20 million Euros if data breaches are not reported within 72 hours.
Business continuity
Businesses must ask themselves what their cyber resilience strategy is when a critical cloud service goes offline. Organisations need a continuity plan to keep operating when their primary provider becomes unavailable.
To ensure businesses are ready when the network goes down, organisations should test their continuity solution regularly. Without testing the solution, organisations will learn the hard way that data is not being entirely backed up when they perform a restore.
Secondly, when it comes to planning, businesses need a clear chain of command, should disaster strike. If the network goes down, businesses need to know who to call immediately. Performing testing once simply is not enough. Solutions need to be tested depending on the tolerance of the business.
By adopting a cyber resilience strategy that spans security, data protection and business continuity, organisations can ensure email availability in the cloud and significantly reduce or even prevent email downtime, data leakage and financial loss after disaster strikes.
Dan Sloshberg at Mimecast explains why a continuity plan including email is essential when moving to the cloud.