Preparing for the Inevitable Cyberattack

Aug. 19, 2022
Frank Lacomba, Senior Director of Product Management at Flexential, outlines five key steps to ensuring your disaster preparedness and recovery plan will protect you in case of a cyberattack.
Hurricane season is approaching, and IT departments are readying their systems and their disaster recovery (DR) responses.

While this preparation is critical, the threat of a cyberattack is also looming—and, unlike natural disasters, these manmade threats are blind to location and seasonality. Cyberattacks continue to increase in their sophistication and present a threat to every organization. The rate of incidence is also growing as businesses experienced 50% more cyberattacks in 2021 than in 2020.

The distributed workforce established by COVID-19 exposed new cybersecurity vulnerabilities that bad actors are ready to exploit. To avoid the lost revenue, decreased productivity and declining customer confidence that accompanies a cyber breach, a disaster preparedness and recovery plan should be an integral component of every corporate IT strategy.

Five Steps to Disaster Preparedness and Recovery

Assess

An effective DR plan, capable of mitigating an attack or recovering data begins with a deep understanding of the business’ needs, its critical systems and its risk factors. Organizations should understand their IT priorities and tier their requirements to ensure the most critical systems and data are restored first.

Design

Armed with this information, organizations can build a DR solution that supports uptime and resiliency and safeguards critical data. A key element of this design is the organization’s recovery point objective (RPO) and recovery time objective (RTO). Financial organizations, online retailers and other businesses with frequent, business-critical transactions demand more intense RPO/RTO requirements to limit data loss. Disaster recovery as a service (DRaaS) has emerged as leading data protection strategy given its flexibility, lack of upfront capital investments and low RTO/RPO.

Deploy

Implementing the DR solution requires a level of expertise to ensure its efficacy. A third-party provider like Flexential integrates years of experience and best practices to effectively execute the DR design.

Test & Improve

A DR solution is only effective if it works, making routine testing essential. These tests ensure that any changes to the IT environment are addressed by the DR plan prior to a disaster. DR testing also offers opportunities to improve DR procedures and recovery results. Think of this in terms of a professional sports team. A new play may be clunky on the team’s first attempt; however, with each attempt, the team tweaks and improves the process to strengthen the results. The DR plan is the same, using an iterative process to adapt and fortify recovery efforts, while providing new objectives for the next test.

Maintaining your configurations and test plans is also crucial. Organizations must document changes to the IT environment to ensure their IT teams have the right blueprint to restore the environment, if necessary. To continually strengthen the recovery process, organizations should also outline test objectives—whether addressing previous issues or new capabilities or systems—and report on the success and shortcomings of each test. Capturing this information continually improves the recovery process and offers an objective for the next text.

Build Awareness

Countering cyberattacks demands a company-wide commitment. With limited oversight by IT teams, organizations rely on the due diligence of individual users to utilize the necessary security tools and recognize potential threats. Cybersecurity awareness training should highlight the latest cyberthreats to help employees identify and appropriately respond to them. This training should also introduce and stress the value of various security measures, such as regular password updates, two-factor authentication and VPNs, to encourage their use.

A thoughtfully designed and executed DR plan is key in combatting the impacts of a cyberattack and bolstering operational and data integrity—because when it comes to cyberattacks, it is a matter of when, not if.

Frank Lacombe is Senior Director of Product Management at Flexential, where he’s responsible for executing the product strategy as well as participating in go-to market plans, business integration and lifecycle management of new and existing products and services for disaster recovery-as-a-service (DRaaS) and backup as-a-service (BaaS). Contact Flexential to learn more about building and executing DR plans that provide a foundation that supports business continuity.

About the Author

Voices of the Industry

Our Voice of the Industry feature showcases guest articles on thought leadership from sponsors of Data Center Frontier. For more information, see our Voices of the Industry description and guidelines.

Sponsored Recommendations

How Deep Does Electrical Conduit Need to Be Buried?

In industrial and commercial settings conduit burial depth can impact system performance, maintenance requirements, and overall project costs.

Understanding Fiberglass Conduit: A Comprehensive Guide

RTRC (Reinforced Thermosetting Resin Conduit) is an electrical conduit material commonly used by industrial engineers and contractors.

NECA Manual of Labor Rates Chart

See how Champion Fiberglass compares to PVC, GRC and PVC-coated steel in installation.

Electrical Conduit Cost Savings: A Must-Have Guide for Engineers & Contractors

To help identify cost savings that don’t cut corners on quality, Champion Fiberglass developed a free resource for engineers and contractors.

kubais/Shutterstock.com
Source: kubais/Shutterstock.com

Exploring the Benefits of Liquid-to-Air Coolant Distribution Units (CDUs)

Kevin Roof, Senior Product Manager at nVent, outlines how liquid-to-air cooling works, its benefits and what data center operators should look for when designing and selecting...

White Papers

Dcf Opus Wp Cover 2022 04 25 10 14 50 300x235

Hybrid and Multi-Cloud IT Executive Buyer’s Guide

April 27, 2022
Opus:Interactive outlines best practices and provides checklists for assessing your hybrid and multi-cloud needs.