Back up and test your data recovery plan...if you want to stay in business
Your data is your business; it’s as simple as that. No organisation can function without digital records covering customers, suppliers and staff. Critical intellectual property will also almost always be held digitally, so protecting your data is vital. Historically, all firms needed to worry about was a server or hardware failure, and while that’s still an issue for some, so is the increasing risk of cyber-attacks.
19 September 2017
The recent "WannaCry" ransomware attack has brought this into sharp focus. It has affected hundreds of thousands of computers globally, including several NHS Trusts, Germany’s rail network Deutsche Bahn, Telefonica, US logistics giant FedEx, and Russia’s interior ministry. The fact that the cyber-criminals behind the attack were able to utilise tools first developed by the US National Security Agency gave the attack a new potency.
A "wake-up call" for all businesses
The attack has been described by many - including Microsoft President and Chief Legal Officer, Brad Smith - as a "wake-up call", and it is exactly that. It’s easy to point the finger of blame, but it’s different when you’re at the coalface running real IT systems. WannaCry was exceptional in terms of the level of sophistication; we’ve obviously seen ransomware before, but what’s different here is the military-grade code behind it. It is possible that patched systems would have stopped or slowed the attack, but for enterprise organisations running hundreds or thousands of individual machines, applying the updates is still a relatively time-consuming process.
Last year, 40% of UK firms were attacked by ransomware. Whilst ransomware does not "steal" information as such, it encrypts data so that users cannot access it unless (in theory) they pay the criminals and obtain a "key". But this is a dangerous game since it’s not unknown for cyber-criminals to simply vanish and pocket the cash. Most agree that paying the cyber-criminals is not a sensible step – all it does is perpetuate the problem. And, of course, organisations can still lose data through a variety of other means; server and hardware failures are relatively common, as is an employee accidentally deleting files. Indeed, accidental deletion happens in most organisations almost every day. In another example, a disgruntled employee might wipe data, or even take company data with them to their next job. To add perspective, some 70% of the successful attacks on businesses came from internal threats like employees and contractors. Even small data losses – those with fewer than 100 files lost – are estimated to cost organisations £14,595-£28,793.
Have a plan in place and test, test, test!
All of this reinforces the importance of backup. Simply put, if data is properly protected then most of these issues are mitigated. In the case of ransomware, an attack could still infect computers (and take businesses offline for a while) and be hugely disruptive, BUT the attackers are left without leverage because the data can be recovered and the firm remains in business. Sadly, statistics show that 70% of businesses that experience a major data loss are out of business within one year.
Our message to organisations is to test your Backup and Disaster Recovery plans - today. Most organisations do back up data to some extent, but many never test to check that they can recover their data. Consequently, it’s not until disaster strikes that they realise their recovery plan simply doesn’t work. So if a company hasn’t tested and validated its backup for three months, that could be three months’ worth of data that the organisation loses. Aligned to this point is the importance of determining the backup cycle. It should be as close to real time as possible; if the cycle is set to back up data at the end of the day, then that leaves a "data gap" of 24 hours that may not be recoverable. That’s sufficient to significantly disrupt most companies. The emphasis therefore needs to be on recovery so that in the event of a serious issue, the firm is able to resume business as usual as quickly as possible.
What are your next steps as a business? Having a reliable IT partner in place who will run validity checks and data recovery tests, and propose solutions to mitigate the risk, is key. That partner should ensure that your business is patched, protected and resilient in the face of the escalating attack environment.
Head of Enterprise Sales - North