Doomed if you don’t, and damned if you do – transformation increases cyber risk
After two years of relentlessly pushing a move to public cloud, Gartner has recently shifted its narrative. Hybrid Cloud is now the recommended way forward with two key reasons accelerating the journey to digital transformation. To put things into perspective, a hybrid platform will deliver 2.5 times the value of a single cloud or on-premises platforms.
While industries seek to adopt cloud or hybrid strategies to attract new buyers or obtain the agility to deliver new services faster, these technologies come with advantages, as well as risks.
The risks are born out of an open collaboration, which exposes more of the organization’s data to the outside world. This increases the attack surface and is the main reason why we’re seeing an escalation in cyberattacks.
In order to survive, companies need to transform, whilst at the same time recognising that with advancing transformation comes greater risk.
How can your organization continue driving growth despite cyber threats?
This refers to all the ways your business can prepare for, respond to and recover from cyber-attacks as quickly as possible so it’s up and running without suffering needless consequences.
The technology enabling these abilities is no longer “nice to have” because today’s highly complex IT infrastructures are at a considerable risk of cyberattacks which may cause business disruption and threaten continuity.
Cyber resiliency solutions for fast detection of data corruption and quick response time reduce downtime, while minimizing the impact of cyberattacks with fast and reliable recovery-enabling restoration of production-level operations.
Cost of a data breach is on the rise and remote working is a contributing factor
According to IBM’s Cost of a Data Breach Report 2021 data breach costs rose from $3.86 million to $4.24 million, the highest average total cost in the history of the company’s reporting on this topic.
Plus, the average total cost of a data breach ballooned by 10% year over year – the largest single year cost increase in the last seven years.
The report findings have also shown that the average cost was $1.07 million higher in breaches where remote work was a factor in causing the breach, compared to those where remote work wasn’t a factor.
Financial services are disproportionately affected with data breaches
The top 6 sectors most vulnerable to cyber-attacks in 2020 included small businesses, healthcare, government, financial institutions, education and energy, Western Governors University data has revealed.
Banks, however, were disproportionately affected, experiencing a 1,318% year-on-year increase in ransomware attacks in the first half of 2021, Security Magazine data has shown.
Server attacks, data theft and ransomware cases are consistent with attacker motivations in going after organizations that deal with money and cash management.
According to IBM’s Threat Intelligence Index, the attackers are less interested in paralyzing banks – their primary objective is accessing internal systems that can yield robust illegal gains.
As a result, banks and other sectors are pressured to get cybersecurity tools that can protect the confidentiality of data, preserve its integrity and promote the availability of data for authorized users.
The right solutions help organizations thrive amid cyberattacks
Important frameworks for empowering organizations against cybercrime have been laid out by the National Institute of Standards and Technology (NIST) and IBM has added a significant number of additional security features to its platform stack that address the NIST Framework. To be cyber resilient, an organisation needs to address the following:
- Data encryption. IBM Hardware encrypts 100% of data with its hardware platforms and importantly does the encryption without altering the business application data.
- Transactional resilience. Cyber resiliency is maintained by the data encryption process during transmission. In some applications, such as remote replication, data may be unencrypted while it’s at rest on drive arrays, but it’s encrypted during transmission to provide protection. Data is encrypted before transmission and decrypted and verified on arrival.
- Access level security. When a user requests to access encrypted data, the system determines whether the user has access permission. If access is allowed, IBM’s Data Privacy Passport will specify the level of access that the user is entitled to. The access level includes hidden data, hashed data, encrypted data or clear text data.
- Hardware level security. This type of vulnerability protection is enabled through a physical device that’s installed on the platform’s hardware. If a hacker tries to tamper with the machinery, IBM Cyber Vault will shut down part of the system, preventing further damage, kicks the hacker out and recycles the resource.
- Detection: IBM Q-Radar with its endpoint detection and response (EDR), network detection and response (NDR) and security information and event management (SEIM) in one framework eliminates advanced threats faster, saving valuable time.
- Speed of Recovery: The final dimension assumes your organization has been compromised. IBM CyberVault currently offers the fastest way to recover, minutes vs days. At its core an immutable copy is created, that copy is then verified in a separate storage partition, the uncorrupted copy is marked as valid and is capable of restore from the primary Flash storage array. IBM’s focus here is to get customers back up and running in the safest and shortest time possible. IBM’s LinuxONE, Power10 and IBM Flash are the best systems to deliver these services – it enables hybrid cloud and runs any Linux workload organizations need.
Sign up for our workshops to learn more
GBM offers two workshops that show you how to take steps towards protecting your most important data, while maintaining business continuity despite cyber threats.
- Basic workshop. We analyze your current HW systems to evaluate your organization’s security level and provide recommendations that boost existing security.
- Advanced workshop. Gain laser-sharp insights from our design thinking-led approach that looks at your organization’s existing and new projects to ensure that they are secure.
Contact me at [email protected] to discuss your cyber resiliency strategy, receive guidance on implementing the IBM Cyber Vault and achieve a highly secure environment for your most critical data.