Taking the right steps to forming a reliable Business Continuity and Disaster Recovery strategy are firmly placed at the heart of many boardroom discussions. Steve Blow, EMEA Sales Engineering Manager at Zerto, a Hewlett Packard Enterprise company, discusses the importance of building a stronger line of defence when it comes to cybersecurity, and why a holistic strategy that combines Disaster Recovery and backup with cybersecurity prevention solutions is the answer.
In the traditional sense, the need for resilient infrastructure has been about maintaining the integrity of a variety of utilities, communication links, transport networks and many other factors that are the foundation of modern society.
As countries around the world face greater challenges, particularly those presented by climate change and natural disasters, resilience is becoming even more important. And today, there is also a compelling argument that efforts to mitigate the risks facing critical infrastructure should also be extended to IT systems and data centres.
Indeed, the digitisation of society has become so deeply embedded in the way economies and cultures function, there are few places that can afford to see these key components of national infrastructure put at risk.
Take the huge problems caused by the rise in cybercrime in general and ransomware in particular. According to Cybersecurity Ventures, the global economic impact of cybercrime as a whole is expected to hit US$6 trillion this year and ransomware is a particular problem – it is expected to cost around US$265 billion a year by 2031, with some individual demands now as high as US$50 million. As a result, large US companies lose an average of US$5.66 million a year in disruption – such as downtime and lost productivity caused by ransomware attacks – according to analysis from the Ponemon Institute.
The attacks on critical infrastructure, for example, are among the most alarming. Colonial Pipeline is among a number of recent examples where the loss of access to IT systems and data had a serious knock-on effect on its ability to maintain vital fuel supplies. The company is reported to have paid a ransom demand of US$4.4 million to its attackers in order to restore its systems to normal.
The attack on the Irish healthcare system also caused weeks of widespread disruption, with public health services. Until recently, experts were expecting it to take many months before IT systems were fully restored.
Moreover, events of the past 18 months have added significantly to the pressure being placed on IT systems by cybercrime. With home and hybrid working set to continue as a permanent option for many millions of workers, safeguarding IT systems against failure has become more important than ever.
It’s clear, therefore, that critical IT infrastructures and data centres must become more resilient. In particular, IT teams should keep their IT resilience strategies under constant review and integrate new technologies into their operations to address both ongoing and emerging threats.
Cyberattacks – Not if, but when
More effective protection will also require a shift in mindset, because for most organisations it’s now a question of when they will be targeted, rather than if. One piece of industry research, for example, reported that 61% of companies had been impacted by ransomware in 2020. This represents a 20% increase over the year before and equates to an average of six working days lost to system downtime. Over a third said that ransomware downtime lasted one week or more.
Given that just one hour of unplanned downtime can cost a large enterprise up to US$700,000 and the direct link between the integrity of critical IT infrastructure and the bottom line is evident.
Ultimately, this can present an existential threat. On December 31 2019, for example, Travelex, which at the time was the world’s largest currency dealer, was hit by a ransomware attack accompanied by a demand for US$6 million. After a month of business disruption, the company reportedly paid US$2.3 million to its attackers, but by August 2020 had gone into administration with the loss of 1,300 jobs. The impact of the attack was described as a contributing factor to the financial difficulties that caused it to fail.
In fact, research indicates that 90% of businesses without a Disaster Recovery strategy will fail in the aftermath of a disaster. In contrast, nearly all (96%) of companies that do have a trusted backup and Disaster Recovery plan are able to survive ransomware attacks.
A renewed emphasis on resilience
Many organisations have responded to these risks by increasing investment in solutions to protect their systems. According to recent market analysis published by Gartner, worldwide spending on information security and risk management technology and services is forecast to grow 12.4% to US$150.4 billion this year.
However, increasing spending on cybersecurity solutions alone is not a panacea to varied risks organisations face, but it is important that there is a stronger front line defence in general.
The answer lies in a holistic strategy that combines Disaster Recovery and backup with cybersecurity prevention solutions, and integrating both into one infrastructure resilience strategy is key. Instead of a legacy approach where the teams in control of cybersecurity, Business Continuity and Disaster Recovery have often operated in silos, organisations are increasingly viewing this as a disjointed process with the potential to leave serious blind spots in their defences.
When cyber-resilience, IT resilience and business resilience are brought together to deliver a coordinated response to the risk and aftermath of a ransomware attack, the payoffs in terms of better prevention and mitigating can be huge.
In broadening the definition of critical infrastructure to the IT systems that underpin huge sections of the global economy, delivering greater resilience offers a win-win for every stakeholder. Whether organisations are subject to natural disaster or criminal attack, an effective and rounded Business Continuity and Disaster Recovery plan that supplements cybersecurity protection with backup, journaling, recovery and replication solutions can enable organisations to maintain business as usual instead of suffering major downtime and disruption.