How to Recover from a Destructive Cyber Attack

In my last blog, I discussed the massive growth in remote working and workforce enablement. At a broader level, this movement online has radically transformed how we live, work, learn, and shop. Our world is now highly connected. Data is regarded as the new gold, the currency that allows you to access smart insights and drive organic growth for your business. However, everyday businesses of all sizes across all industries are being targeted by cyber attacks with the majority focused on either data destruction or encrypting data and holding it for ransom.

Protecting Your Data is a Strategic Business Imperative.

View this On-demand Session recorded during Dell Technologies World, May 5-6, 2021.

Typically, these attacks bypass traditional security controls at the perimeter, allowing the attacker to go undetected for months or sometimes even years. In addition to the “bad guys” outside of your organization, the Verizon 2020 Data Breach Investigations Report references the fact that 30 percent of attacks involved an insider. While not all have malicious intent, insiders have privileged access to internal networks and present another threat vector, which must be planned for. According to the same report, 72 percent of the breaches involved large businesses and 86 percent were financially motivated. In many cases, the result was extended downtime, bringing operations to a halt for days and even weeks, potentially costing millions.

The cost implications are huge. According to Accenture, over $5 trillion total value is at risk globally over the next five years. This same report states “the average cost of cybercrime for an organization increased from US$1.4 million to US$13 million.” And that’s not even to mention the negative impact of damaged reputation and lack of shareholder confidence. It’s obvious that protecting your data is a strategic imperative for the long-term success of your business.

Prioritize What Matters Most

What can you do? While you should continue to do everything possible to defend your “castle”, you need to plan for scenarios, where defenses have been breached. Unfortunately, it’s no longer a question of if, but when your organization will be tasked with handling a cyber event. That doesn’t mean you are powerless – you can act now to identify and prioritize the data and applications required to ensure the continuity of your business. It sounds basic but effective security relies on defense in-depth and deploying layers of protections with your most critical data at the core. How confident are you in your ability to recover from a cyber attack? According to the Dell EMC Global Data Protection Index, 69 percent of respondents acknowledged they are not confident in their ability to recover business-critical systems after an attack.

Our Cyber Recovery Services: Assess, Advise, Design, Deploy

At Dell Technologies, data is part of our DNA. At Dell EMC, we were the pioneers in the development of disk arrays and mirroring technologies, which helped ensure that in the event of failure, data could be retrieved. Apart from security analytics solutions from our sister company, Secureworks, and our Incident Response and Recovery service, (link) we offer comprehensive Cyber Recovery Services, focused on all areas of operationalizing a cyber recovery solution. This includes advisory and design through validation testing and ongoing management. We start with dedicated workshops to get under the hood of your organization. We help you assess your business’s current state, review your recovery strategy, collect data on your applications, and understand their criticality to normal business operations.

Developing and Testing Recovery Plans

We will then work with you to integrate a NIST Cybersecurity Framework, effectively an aligned recovery solution that plans for a wide variety of threats, as well as developing and testing recovery plans and procedures. Critically, we will advise you on what should be protected in the air-gapped Cyber Recovery Vault. This is often referred to as the “crown-jewels,” “critical materials,” or “minimum viable company” – a collection of your most critical data and applications, which can be used to rebuild core functions first and get your business back up and running. This involves keeping those critical files off the production network and separated from production backup systems, which are often targeted first in an attack. With no direct network connection and multiple roll-back points available, this allows you to have an uncompromised “gold copy” ready for recovery.

Cyber Recovery Solutions

A picture paints a thousand words so let me share a couple of customer examples. One large company was impacted by a debilitating ransomware attack, causing significant loss. To reduce the impact of a future cyber attack on their organization, we worked with them to deliver a tailored end-to-end PowerProtect Cyber Recovery solution, consisting of hardware, software and services. This enabled them to meet their specific data protection and cyber security needs and they have now rolled this out globally as part of an enterprise-wide initiative.

Similarly, a large financial institution wanted to increase its cyber resilience and comply with new regulations in a key international market. We worked with them to deliver a tailored end-to-end Cyber Recovery Solution, helping them immediately comply with the regulators needs, while we worked with them to build out a global solution that would extend the capability to a larger percentage of their global backup applications and data.

The bottom line is that your data is your gold. Now more than ever, business resiliency is key. Protecting your business and your brand starts with protecting your data and developing a robust cyber recovery strategy. Contact your Dell Technologies Account Manager today – we’re here to help.

View this On-demand Session recorded during Dell Technologies World, May 5-6, 2021. “Increase Cyber Resilience: Recover with Confidence after a Destructive Attack“.

About the Author: Dermot O'Connell

Dermot O’Connell leads Dell Technologies Services Sales across the Europe Middle East and Africa region. Dell Technologies services includes a diverse range of technologies from PC as a Service to Dell Technologies Cloud Platform, with Consulting, Advanced Support, Deployment, Managed and Education Services making up the portfolio. With over 25-years’ leadership experience in the IT industry, Dermot is responsible for the strategic implementation of the division’s business and go-to-market strategy across the region. Dermot travels extensively to meet customers and partners, understand their business challenges, and identify how his team can best serve as a strong technology partner. As an advocate for entrepreneurs, Dermot has mentored startup companies at events such as the global Web Summit and speaks regularly on the importance of entrepreneurship as the engine for the global economy. He is also an Ambassador for MARC (Many Advocating Real Change), an initiative designed to develop a more inclusive work environment, and a key component of Dell Technologies’ diversity and inclusion strategy. Dermot joined Dell in 1993 and served in a number of senior sales, technical and enterprise roles before being promoted to General Manager for Dell Ireland, where he successfully led the business to double-digit growth and record market share, despite a challenging economic environment. He also served as EMEA VP and GM for the company’s OEM and IOT Division where he helped grow the business to record levels. He maintains a keen interest in technology and enjoys helping customers to see the art of the possible using leading IT capabilities. A graduate of Trinity College Dublin, he holds a bachelor’s degree in Information Systems. Dermot lives in Dublin, Ireland with his wife and four children.