Cyber ​​resilience: expanding IT security | Pentest7

top cybersecurity companies

Nevzat Bucioglu, Country Manager Germany at Infinidat, explains in a guest article how resilience or cyber resilience expands the concept of IT security on three levels.

Cyber ​​criminals and their machinations are on everyone’s lips in the IT world, as are IT security measures that are designed to protect companies from these machinations. In order to cope with the current challenges in cyberspace, companies must expand their approach to IT security in the direction of cyber resilience. “Cyber ​​resilience” is understood to mean the ability of a company to maintain IT operations at an almost normal level, even though it has been the victim of a successful cyber attack.

Data security on three levels

Cyber ​​resilience requires a rock-solid foundation. A corresponding structure of the data storage infrastructure provides this basis. The infrastructure should offer data security on three levels:

  1. The physical level: A mechanism should be implemented on the physical level that can detect errors in data carriers (SSD, hard drives, etc.) and react accordingly. This prevents problems at the hardware level from leading to restricted data availability.
  2. The system level: When it comes to “redundancy”, many people think of mirrored data centers and similarly complex measures. Much more important, however, is redundancy at the system level. Technologies such as RAID are usually used here: Redundant Array of Independent Disks. The redundancy can be created within an array, but usually includes several arrays. One array each forms the node of a cluster. A typical high availability cluster comprises at least three nodes.
  3. The management level: At the management level, fast cyber recovery must be ensured, i.e. the ability to make data available again quickly after a successful cyber attack has occurred. The best way to get there is with immutable snapshots. Such immutable snapshots can be created with WORM (Write Once Read Many) technology, for example, which ensures that copies of the data cannot be deleted, encrypted or changed. In this way, a virtual air gap, a separation between the backup data sets and their snapshots, can indeed be created.

This data security on three levels can be achieved primarily through the use of appropriate software. The hardware itself cannot guarantee cyber resilience without intelligent software. The software that controls the storage infrastructure ensures that errors on the physical level can be identified and rectified. It also ensures redundancy at the system level with multiple nodes and creates the immutable snapshots required for redundancy at the management level.

Cyber ​​recovery

The role of cyber recovery for cyber resilience is worth a separate section, because rapid re-availability after a successful cyber attack is crucial, because ultimately the best security precautions cannot offer 100% protection against criminals with a correspondingly high level of energy. A company needs to be prepared for the day when a cyber attack is successful and needs to recover data that has been lost in the primary systems or whose access has been blocked by ransomware. Immutable snapshots offer the advantage, among other things, that they enable very flexible backup strategies as well as extremely fast recovery times. Users can define the snapshot frequency almost as desired and, in the event of a cyber attack, refer to any snapshot from the past as a recovery source. The recovery time is close to zero, because data does not have to be transferred from a remote data center or the cloud, but the system is simply referred internally to a specific snapshot that is immediately available. To be on the safe side, the restored system can first be checked in a sandbox before it is activated, but is in principle almost immediately available.

What does this cost?

Whichever technology a company uses to secure its data, additional security always requires additional storage capacity. In addition, the use of new technologies such as artificial intelligence and machine learning ensures an almost exponential increase in the amount of data. That is why a successful cyber resilience strategy must not ignore the cost factor. What use is the best approach if it cannot be financed?

Companies should therefore ensure that their storage systems are scalable accordingly without breaking the bank. Most all-flash systems, for example, will quickly get costs out of hand. Systems that use industry-standard hard drives for data storage and with intelligent software achieve a performance that is at least equal to all-flash systems are more cost-effective. Combined with a flexible consumption model that always provides sufficient storage capacity but only bills for what is actually used, such a system ensures that cyber resilience remains affordable.

Leave a Reply

Your email address will not be published. Required fields are marked *