Underlined by the recent spate of attacks on UK high-street businesses, we live in a world where cyber threats are real. Such attacks can and do cause real damage. But it’s important to keep a sense of perspective: cyber attacks are, in fact, just one of many risks that a business must take into account and develop a strategy to address.
That means having a Plan B so the business is prepared for recovery if things do go wrong. The fact is, however, that many organisations still don’t have a Plan B that stands up to scrutiny. Do you?
In this blog, we’ll be highlighting how the frequency, scale and sophistication of cyberattacks is increasing and introducing the Plan B response that’s now so essential to build cyber resilience.
Cyber threats…growing in number and sophistication
Debilitating cyber and ransomware attacks are on the rise. In the financial sector alone, 2022 saw a 257% year-on-year increase in web application and application programming interface attacks.
Also growing are politically or ideologically motivated attacks focused not on financial gain, but on business and data destruction. Regardless of the threat actor or their motivation, the target is the same: the digital nervous system that businesses rely on.
It’s clear that threat actors are changing their approaches. And just as we continue to advance our digital tools and technologies, we can also expect these attacks to grow in sophistication and prevalence.
Because defensive measures alone are insufficient to fully protect or repel such attacks, they’re often characterised as a “when, not if, problem”. Responses assume that defences have been compromised, and seek to ensure that the business can recover as soon as possible.
Impacts in focus
The press is riddled with examples of organisations that have been left in precarious positions, struggling to recover from cyber attacks. That’s no surprise. More than half (54%) of UK SMEs experienced some form of cyberattack in 2022, up from 39% in 2020. Some have faced business extinction as a result. For larger organisations, the impacts may be less dramatic, but the recovery process can still be painful, lengthy and extremely costly.
One example of the scale of damage that can be inflicted? In June 2022, Costa Rica was forced to declare an “institutional emergency” when it suffered two major ransomware attacks – the first time that such attacks had attempted to overthrow a country’s leadership.
Targets included Costa Rica’s public services (including tax systems and customs control), as well as its hospitals. Thirty thousand medical appointments had to be rescheduled, parents struggled to locate children who had been in surgery when the attacks hit, and discontinued paper-based processes had to be reintroduced.
Mitigating risk with new tools and new approaches
It’s clear that threat actors are changing their approaches. And just as we continue to advance our digital tools and technologies, we can also expect these attacks to grow in sophistication and prevalence.
This is, of course, a concern. But with the right strategy – built on people, process and technology – organisations can mitigate cyber risk more effectively.
The answer? Developing a cyber resilience strategy that goes beyond defensive measures to implement a Plan B for business recovery. To start this journey, business leaders should speak with the board, IT and security teams to understand the current programme and process to recover from a catastrophic event. Good questions to ask include:
- For the business: What critical services do we need to have available no matter the circumstance? How much time can the business afford to be down? If the business cannot run, what’s the impact in cost per day?
- For IT: How will the business recover from ransomware or data destruction if it’s hit by an attack today? What are the known gaps in our recovery programme and process? What are the most critical data-sets?
- For Security: How are we addressing the risk of a bad actor hiding undetected in our systems environment for days or weeks?
Once leaders understand the current approaches and gaps, it’s time to identify and invest in solutions that will enable a strong business response to these types of attacks.
On the road to rapid recovery
Organisations are increasingly turning to approaches that incorporate cyber vaulting. These approaches, including Dell Technologies’ PowerProtect Cyber Recovery solution, provide the foundation for an organisation’s Plan B – protecting critical data-sets off the network in an isolated data vault that can be used to recover business systems and services in the event of a catastrophic, data-destruction attack.
EY has found that Dell Technologies’ solution can help clients to recover from these kinds of attacks. As malware spreads rapidly through an organisation’s network, the Cyber Recovery solution is isolated – physically and logically segregated from production systems.
The Cyber Recovery solution addresses the risk of bad actors that dwell in systems environments for weeks on end, learning about business processes and finding where data is stored and safeguarded. Because the solution is immutable, it prevents them from making changes to or deleting data, even if they’re somehow able to defeat isolation. And to ensure data-sets are good and usable for recovery, the solution leverages intelligent analytics to perform integrity checking.
Foundations for cyber resilience
Investing in the right leaders, developing a strong recovery process and implementing secure technologies are all key components for an effective cyber resilience strategy.
Sustained cyber resilience does, however, require continuous effort. Approaches will need to be refined, risks evaluated, and recovery rehearsed. To stay vigilant, it’s recommended that organisations regularly war-game key scenarios to ensure a sound response if an attack occurs.
We would be delighted to discuss this further. Please connect with our team:
EY
Dell Technologies
