Many global organizations now regard state-sponsored cybersecurity attacks as a major threat. Ransomware attacks have become the most lucrative cyber-crime area — in 2020 approximately 58% of ransomware victims paid versus 39% in 2017. It's no wonder — attacks ranging from nuisance malware to more sophisticated attacks can cripple an entire organization.
To mitigate cybersecurity risks, organizations of all sizes and industries are exploring more robust capabilities and frameworks to detect, prevent and respond to these attacks. One of these advanced capabilities is called cyber resilience. It gives an organization the ability to prepare for, withstand, recover from and adapt to adverse conditions, stresses, attacks or compromises on cyber resources.
What is cyber recovery vs. cyber vault vs. cyber resilience?
Cyber recovery is a data protection solution intended to address the risk associated with ransomware attacks and other critical cyber-attacks. It replicates and isolates key data to limit the impact of a cyber-attack on the business. Cyber recovery is intended to recover a recent, clean copy of application and service data.
Cyber vault solutions take cyber recovery a step further and help organizations recover all services and infrastructure needed to run critical business services. It accounts for application services like Active Directory (AD), Key Management Systems (KMS), Public Key Infrastructure (PKI) and Domain Name System (DNS), in addition to infrastructure services like computation, network connectivity and the data that a cyber recovery solution provides. It may also include a clean room, which allows for cleaning data in the event that malware was replicated into the data vault, but not yet activated.
Cyber resilience builds on cyber vault and provides a holistic cyber approach linking business, operations and technology considerations. It specifically refers to the ability of digital systems and technology-dependent business functions to plan, anticipate, continue to operate correctly and recover and adapt to cyber threats.
How does cyber vault relate to business continuity & disaster recovery?
Traditional business continuity (BC) and disaster recovery (DR) plans that most organizations have in place tend to be broad — covering many applications and services — but are typically designed for scenarios when just a few apps, services, or a data center go offline due to a single event such as a flood, tornado or hurricane. What these plans don’t account for are events where the entire IT ecosystem is at risk, as could be the case in a large cyber-attack.
Cyber vault focuses on scenarios where the entire IT ecosystem, including everything from end-user devices to core IT services, is affected by a cyber attack. Cyber vaults are activated only after traditional disaster recovery plans have proven ineffective, typically due to data and systems compromised by malware. In this crisis scenario, only mission-critical services are rebuilt and maintained to keep an organization alive while recovering.
WWT’s cyber resilience solution weaves people, process and technology considerations together to provide a complete solution for our customers to anticipate, prevent and recover from a cyber event. We want to invite you to a briefing with WWT experts to explore how to best protect your organization from cyber events.