Very recently, JBS USA Holdings Inc., the world’s largest meat supplier, had to shut down its systems to slow down an online attack. The company paid $11 million to a criminal ransomware gang to regain control of its systems. This is just one instance, among thousands, of a business that has been at the mercy of cybercriminals. Regardless of how big or powerful an organization is, today’s sophisticated cybercriminals can bring it down.
A recent Intel study reported that most small and medium-sized businesses had dealt with malware (77%), ransomware (63%), data theft (63%), phishing attempts (75%), and focused hacks (67%). Two in three IT decision-makers agreed that the pandemic accelerated the expansion of their overall digital footprint, increasing their vulnerability.
Simultaneously, the world of cybercrime is getting more sophisticated. Hackers use Artificial Intelligence (AI) and Machine Learning (ML) to launch attacks. Deep Learning approaches that can guess passwords use Generative Adversarial Network techniques, making phishing look old-school. Making things more difficult, hackers are turning to exotic languages such as Go, D, Nim, and Rust to evade detection. Even when such attacks are discovered, expertise in these languages is not readily available, delaying defensive actions.
Nothing short of military-grade defense can stop today’s sophisticated breaches. Organizations are acutely aware that as technologies and trends such as IoT, mobile, 5G, work from home, and state-sponsored cyber war grow, they need to increase their focus on security. Analysts forecast that the security market, valued at $150.37 billion in 2021, will reach $317.02 billion by 2027.
With significant investments being planned, how should organizations strategize their security for maximum impact? Wipro and Intel have created a joint approach to answer that question. The method ensures organizations create a threat defense architecture and bring AI/ML techniques into play for superior threat detection. In addition, Wipro simplifies recovery from an attack using automation for service-level tasks. This helps accelerate vault-to-production data recovery.
Recommendations for a cyber resilient organization
The hallmark of an excellent security strategy is that it attempts to reduce the time taken to identify, analyze, respond, and recover from an attack. There are five cornerstones on which an organization can build its ability to do this:
- An end-to-end defense assessment
- Identity and Access Management (IAM) with multi-factor authentication
- Privilege Account Management (PAM)
- Adherence to NIST, MITRE ATT&CK, and SANS standards
- Exercise plan, simulation, and test for communication and IT control
Technology elements for cyber-resilient data management
Wipro’s cyber resilience program focuses on the cornerstones by including:
- Disaster recovery and backup modernization
- Immutable backup storage repositories
- Air-gap architecture
- Cyber security frameworks
- Air-gap architecture for achieving data isolation
- Retention locks that prohibit deletion/tampering of data
- Periodic testing of backed-up data for vulnerabilities
- Anomaly detection for attack vectors, including entropy changes, data change rate, and anomalous encryption
- Strategies to lower the attack surface
- Automated recovery testing for the recovery point objective (RPO)
The reimagined 3-2-1 Resiliency Principle
It is time for organizations to re-evaluate the classic 3-2-1 Resilience Principle in a hybrid and multi-cloud environment. The principle requires an organization to keep at least three copies of its data—two on different media and one offshore. With distributed IT, data mobility, and increasing exposure to the cloud, it is best to use a solution that offers air-gapped and multi-cloud tertiary copies. Our reimagined approach (see Figure 1) balances cost, protection, manageability, and recovery speed.