I have worked for many years in the cyber security industry. The core focus area for most cyber organisations, as you would expect, is about defending and protecting against cyber threats.
However, as software becomes more complex, and software developers are under increasing pressure to release products faster, security vulnerabilities in software are becoming more common. These vulnerabilities are then exploited by hackers becoming zero-day attacks or unknown attacks. These attacks create a "Window of Vulnerability" where an organisations systems are not protected, as there are no patches or signatures in existence yet to defend against the attack.
Zero-day cyber attacks are almost impossible to detect and defeat as they use exploits that are previously unknown and often get through defences. This type of attack and the threat of ransomware using zero-day exploits is rising from one per week in 2015 to one per day by 2021 according to analyst reports.
The cyber security industry is doing its best to defend against this kind of attack, but the truth is, how do you defend against the unknown? It is very difficult to do.
This is where recovery comes in. Most of the cyber organisations and cyber teams do not focus on this area as they concentrate on defending against attack. It is often left to the attacked organisations internal IT teams to restore and recover systems using backups once a successful attack has taken place. In the case of ransomware that means either paying the ransom to restore the system or hoping that your backup is not affected and restoring from there.
During a "Window of Vulnerability," or a ransomware attack, the ability for an organisation to recover fast ensures that data and systems are less affected by the attack and business can continue to operate as usual, rather than facing potentially massive disruption.
However, in practice, a lot of backup's are not always successful. They may also have been compromised in the ransomware attack if they were on the same network for example and therefore just restoring is not as easy as it sounds.
There is also the time it takes to restore those files to consider. Very often many organisations backup everything with no knowledge of what is core or critical to the operations of the business. This leads to major issues if entire business IT operations are disrupted simultaneously and could cause organisations to be offline for days possibly weeks; which is extremely damaging.
But fear not... there is another solution. You need to focus on your ability to recover your critical data and systems fast, by assessing what is critical, and ensuring that this is backed up properly. If you then add in the ability for quick recovery whilst ensuring your systems are immutable and safe from the attack; then ransomware attacks are much less of a problem for you, in fact, you could say they were defeated.
At Tectrade we know how to define policies and outcomes that work best for your business. With our new Zero Day RecoveryTM service, we are your last line of defence against zero-day and ransomware attacks.
Learn how this can be done, even within your existing IT budgets by visiting: www.zerodayrecovery.com
You can also request a free maturity assessment and we will provide you with a report on your data protection and recovery maturity, including providing you with some recommendations on how you could improve.
By Marie Clutterbuck, Chief Marketing Officer, Tectrade