sb-au logo
Story image

Damage control: Are your computer systems ready to recover?

Article by Splunk A/NZ area vice president Simon Eid.

Australian organisations could face massive disruptions in the wake of a computer shutdown or cyber attack because IT recovery systems aren’t up to scratch.

This is the latest message coming from Victoria’s auditor-general Andrew Greaves, after a recent audit of the state’s government agencies found that 41% of computer systems lacked disaster recovery plans.

This is just one example of the risks you face without sufficient processes to identify and recover systems. Businesses should take the findings from Victoria’s audit as a lesson to review their own IT disaster recovery plans. However, the most significant challenge for IT operations lies in getting staff to recognise, prioritise and act on disaster recovery. Here’s the smart way to handle it.

Be prepared

The Victorian auditor general's report recommends a disaster recovery group be set up to provide technical support and advice in the wake of an IT disaster.

While this is a good idea, an assigned individual within an organisation needs to be accountable for building and implementing the plan when disaster strikes. Cyber attacks are becoming more frequent and more sophisticated.

At the same time, it’s taking companies longer to realise the severity of a breach. Findings from FireEye M-Trends Report 2016 show the average number of days to detection is 146, and that 53% of attacks are detected externally, on average at 320 days.

The Yahoo hack is a good example. In 2016, Yahoo announced that more than a billion accounts had likely been affected by a hack which occurred during 2013.

In October last year, Yahoo claimed new intelligence which revealed that more than three billion accounts had been affected – that’s every single Yahoo user’s account.  

Back up for good

As indicated by the Yahoo example, businesses get interrupted and fail if they don’t have sufficient backups. We’ve seen a number of recent ransomware attacks where virtualised backups have also been destroyed.

Look no further than NotPetya which took down Cadbury’s chocolate factory in Hobart, Tasmania, as well as law firm DLA Piper Ltd.

The same attack cost Maersk, the world’s largest container ship and supply vessel operator, up to $300m in lost revenue because the company didn’t have backups in place.

The risk is real, but so too is the opportunity to detect ransomware in your network and mitigate risk. You need visibility into the validity of backups.

Enterprise backup solutions create detailed logs of all their activity, monitor the file output from these tools, and leverage the information in alerts and dashboards to confirm that critical systems are being backed up.

Attack capabilities have evolved beyond traditional detection boundaries. The major data breaches of 2017 are providing fertile grounds for new waves of ransomware and phishing, as attack vectors will continue to shift across the technology stack.

If you ask yourself now – How prepared is my organisation? How much visibility do we have of a potential IT disaster? – you’re already one step closer to recovering your systems from the disruptions of tomorrow.

Link image
Creating a lean business machine with automation and low-code
Forrester data indicates that process automation was a strategic initiative for many organizations before COVID and remains so after. Catch this webinar to learn more about automation.More
Story image
5 ways to use data science to predict security issues - Forcepoint
Data science enables people to respond to problems in a better way, and to also understand those problems in a way that would not have been possible 50 years ago.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Survey: Cybersecurity top priority in digital transformation journey
"Companies of every size are finding themselves restarting their digital transformation journeys."More
Story image
Video: 10 Minute IT Jams - Who is Vectra AI?
Today, Techday spoke with Vectra AI head of security engineering Chris Fisher, who discusses the company's key products and offerings, updates on its operations in the A/NZ region, and the latest improvements on its products.More
Story image
Exabeam and Code42 partner up to launch insider threat solution
The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.More