Intelligent CIO Middle East Issue 78 - Page 34

EDITOR ’ S QUESTION
OLIVER CRONK , CHIEF ARCHITECT , EMEA , TANIUM
The vast majority of data breaches that I see start with an avoidable incident that an improved level of cyber hygiene could help prevent .

I

see many cases where backups are not being carried out effectively , if at all . From my experience , around 80 % of organisations either haven ’ t backed up their data or don ’ t do it regularly enough . This is alarming because if these companies experience a data breach , the impact could be hugely damaging . Backups are often the last line of defence against cyberattacks , if you can ’ t recover systems then backups offer a crucial lifeline . be fully accessed without any problems . I rarely see this testing being carried out , so it ’ s definitely an area for improvement .
Another reason that backing up can be overlooked is a misconception that it ’ s purely a data centre issue , but it must also be treated as a part of a well-rounded security strategy . Every organisation should have an initiative to improve and maintain cyber hygiene , in my view backing up should be part of this . The vast majority of data breaches that I see start with an avoidable incident that an improved level of cyber hygiene could help prevent . Even if a network does still become compromised , a good level of cyber hygiene can help minimise the impact . For example , if a ransomware attack encrypts an organisation ’ s data , it is in a much stronger position if data has been backed up .
The main reason I see for backup programs being neglected is cost . Financial and staff resources are required in order for regular , comprehensive backups to be completed and sometimes IT leaders will choose to focus these resources on other areas . The crucial tasks that need this investment include identifying where the most critical data is stored and making sure it is always included in backups . It ’ s also important that backed up data is regularly tested to check that it can
Business leaders should be asking important questions such as ; in the event of a breach , is all of your critical data backed up and have you checked if it can be easily accessed ? Are we including backing up as part of our cyber hygiene efforts and security strategy ? If IT teams understand the importance of these areas and take ownership of them then they may prevent the organisation ’ s reputation from being severely damaged and a large sum of money being lost .
34 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com