By Michel Nader, Senior Regional Director – Data Protection & Cyber Recovery Solutions – MERAT, Dell Technologies
In today’s always-on, always-connected economy, businesses are under pressure to enhance their cybersecurity strategy and prove to their customers that data protection is critical to their engagement strategy. As the world economy continues to digitise operations, supply chains, business transactions and employee and customer services, cyber-attacks continue to be cited as one of the major threats to the world.
In fact, The World Economic Forum's Global Risk Report for 2021 placed cybersecurity failure among the greatest threats facing humanity within the next 10 years. New threats and vulnerabilities appear at breakneck speed and as the tools of the Darknet become more sophisticated and accessible, cyber-attacks are increasingly borderless. As new technologies create opportunities to innovate, we’re seeing more large-scale data loss and the rise of ransomware attacks – so business resiliency planning is key to survival. In fact, a recent study by Gartner cites ransomware as one of the most dangerous threats to organisations and states that by 2025 at least 75% of IT organisations will face one or more attacks.
Why businesses must act
As more organisations align their businesses with digital transformation initiatives, they’re encountering new and complex risks that are expanding their attack surface. Regardless of the industry or size of the organisation, cyber-attacks continually expose business and governments to compromised data, lost revenue due to downtime, reputational damage and costly regulatory fines. To reduce business risk caused by cyber-attacks and create a more cyber resilient approach to data protection, businesses and governments need to modernise and automate their recovery and business continuity strategies and leverage the latest intelligent tools to detect and defend against cyber threats. Reacting in real time to a cyber-attack is already too late. Managing the risk requires agility, meticulous alignment across the business and testing to maintain awareness – it’s about being proactive rather than reactive.
In South Africa, the National Cybersecurity Policy Framework has mandated the country’s National Computer Security Incident Response Team with making cyberspace an environment where all citizens can safely communicate, socialise and transact with confidence. This is achieved by working with stakeholders from government, the public sector, civil society and the public with a view to identifying and countering cybersecurity threats.
Defending against catastrophic data and business loss
Today, cybercrime is directly linked to the value associated with data. Data is the new gold and protecting a huge portfolio of assets is not easy, especially as it expands. The Dell Technologies 2021 Global Data Protection Index found that IT decision makers in South Africa see the potential value that data holds, but despite this risk, organisations have limited confidence in their data protection solutions, with 72% citing that their current data protection solution will not enable them to meet future business challenges.
Defending a business from the worst-case scenario, mission-critical data loss, requires cybersecurity expertise and a holistic approach to resilience. True resiliency is attained through synergy between technology and business processes, where every arm of the business needs to understand where their most sensitive data and services sit as well as the level of risk around them.
For this reason, regular scans and analysis of the internal landscape are essential to understand these changes and the impact. By not recognising security as a potential business inhibitor, businesses open themselves to blind spots and vulnerabilities that can cause severe financial losses and reputation risks.
To overcome the challenges and engage their employees, organisations must embrace a multi-pronged approach to security that includes:
- Providing security training to staff: It is critical that all employees understand why data security is critical at every level and how they are an important part of keeping it secure.
- Risk management: As data continues to grow exponentially, it is essential to leverage a variety of data protection strategies across continuous availability, replication, backup and archives, creating an effective data protection solution that can scale.
- Building a digital vault: Ensure there is a healthy copy of business-critical data that is kept in an isolated environment which can be recovered in case of any cyber-attack.
- Security consistency: For businesses to be ahead of the curve, they need to make investing in security measures a top priority and proactively address data privacy rather than wait to address it after an attack occurs. This means implementing IT solutions (i.e. laptops, servers, storage) that have security already built into the foundation.
With the progress of digital transformation initiatives at risk and a severe uptick in data breaches across every industry, we are at a critical point where businesses simply cannot assume that having the right tools in place is enough to make the organisation immune to a targeted, complex attack. The right security posture will require an investment in people and processes to help create secure infrastructure that optimises cyber resilience to ensure your organisation has a path to recovery from edge-core-cloud.