CIO OPINION
Recovery should be included in the technology and process investments made by IT and security teams , beginning with a clear-eyed view of reality and an acceptance that no matter how much investment goes into protection , eventually something – or someone – will get in .
Minimising the cost of downtime
Comparing approaches to dealing with ransomware helps to illustrate the recoverware process . In the traditional scenario , an organisation sees its network infected with the notorious CryptoLocker ransomware .
In practical terms , the answer lies in radically improving the ability of cybercrime victims to recover . This perspective means the ultimate protection isn ’ t a wall around the perimeter , it ’ s the ability to continuously protect and quickly get back to business as usual .
As a result , all of its file servers become infected and their only recovery method is restoring from disk . In this situation , it ’ s not uncommon for the victim to experience hours ( or days ) of data loss and many are unable to fully recover for several weeks .
Recovery solutions – or what we like to call , ‘ recoverware ’ – need to be fast and affordable , and organisations should be in a position to implement tools that provide Disaster Recovery and backup through continuous data protection ( CDP ) – right down to the final few seconds leading up to a breach . Think of it this way : paying a ransom is an unpalatable decision , to say the least . However , in far too many cases , organisations see it as their only option . This couldn ’ t be further from the truth .
Having the power to recover data to a point immediately before ransomware strikes puts IT teams back in control of their destiny . Recovery becomes a powerful defence against a malware attack , not a last resort when all else fails .
The process is full of pitfalls . If , for instance , the organisation finds it is unable to restore any data from its disk backups , one option is to ship tape files to an outsourced data restoration specialist , with accompanying delay and additional cost . Even
Managing and mitigating IT disruption , caused by an external attack such as ransomware , should be near the top of the list of concerns for every CIO .
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 45