Cybersecurity is not cybersecurity without detection and recovery. Anyone responsible for data security who doesn’t feel a chill when they read about another high-profile ransomware attack is either doing very well or very poorly.
The danger of being the victim of a cybersecurity problem is increasing as the volume of attacks increases. It also influences that each time, the attackers become more sophisticated.
Interpol highlighted how Covid-19 has affected both the number and nature of cyberattacks in 2020. They point out that “Vulnerabilities related to working from home and the potential for greater financial gain will keep cybercriminals increasing their activities and developing in a more advanced and sophisticated way. “.
Cybersecurity is not cybersecurity without detection and recovery
Keep in mind that there is no 100% protection. The natural reaction to such disturbing news is to seek protection and build walls. There are many companies whose livelihoods depend on providing just that. The best ones do a great job, and their regular threat reports indicate how many attacks win.
However, let’s not fool ourselves. No organization can guarantee 100% protection against attack. This is especially the case when those types of attacks change faster than most companies update their defenses. Data is often in too many locations, some forgotten by the user, and ultimately too many areas like this are likely to be outside of those protected by initial protection. Also for threat intelligence and analysis services. Even some approaches to data backup and restore systems can be somewhat random.
Focus on detection and restoration
We are clear then that 100% effective protection does not exist. So what should an organization do to protect itself? This does not mean that we should not use a protection service, of course. As a first line of defense, it is absolutely necessary. However, multiple lines of defense are needed for strong and reliable security. The more complicated it is for an attacker, the less likely they are to be successful.
Threat detection should be one of the first lines of defense in addition to initial protection and firewalls. It is extremely important to know that we have an attack perhaps even before it materializes. Sadly, too many organizations fail to recognize this and are under attack.
All this we mentioned is not speculation, just read some of our tickets about attacks last year to see that it is a fairly real threat.
For almost any recovery strategy, the data is only as up-to-date as the last backup made. Each organization has different needs, but each must weigh a variety of factors to determine how often to make such copies. You also have to take into account the downtime and resources required to get your business back up and running.
Depending on the size of the business, the team you need to dedicate to recovery, the nature of the business, the regulations and the budget, our needs will differ.
No, a simple backup is useless, although it is necessary
All this is relative and only the people on the team of each company are able to evaluate the above criteria and decide accordingly. However, what we can be sure of and apply to any organization is that it is useless just to back up data and wait to see what happens.
Through a robust and reliable backup and restore configuration, with strong malware detection capabilities, organizations have a real opportunity to protect themselves and get back to business. However, without the combination of a first line of defense that protects against cyber attacks and a reliable set of recovery measures, no organization has an adequate level of protection and recovery. There must be a compromise between these tools and those for attack and problem detection.