Story image

Damage control: Are your computer systems ready to recover?

11 Jan 18

Article by Splunk A/NZ area vice president Simon Eid.

Australian organisations could face massive disruptions in the wake of a computer shutdown or cyber attack because IT recovery systems aren’t up to scratch.

This is the latest message coming from Victoria’s auditor-general Andrew Greaves, after a recent audit of the state’s government agencies found that 41% of computer systems lacked disaster recovery plans.

This is just one example of the risks you face without sufficient processes to identify and recover systems. Businesses should take the findings from Victoria’s audit as a lesson to review their own IT disaster recovery plans. However, the most significant challenge for IT operations lies in getting staff to recognise, prioritise and act on disaster recovery. Here’s the smart way to handle it.

Be prepared

The Victorian auditor general's report recommends a disaster recovery group be set up to provide technical support and advice in the wake of an IT disaster.

While this is a good idea, an assigned individual within an organisation needs to be accountable for building and implementing the plan when disaster strikes. Cyber attacks are becoming more frequent and more sophisticated.

At the same time, it’s taking companies longer to realise the severity of a breach. Findings from FireEye M-Trends Report 2016 show the average number of days to detection is 146, and that 53% of attacks are detected externally, on average at 320 days.

The Yahoo hack is a good example. In 2016, Yahoo announced that more than a billion accounts had likely been affected by a hack which occurred during 2013.

In October last year, Yahoo claimed new intelligence which revealed that more than three billion accounts had been affected – that’s every single Yahoo user’s account.  

Back up for good

As indicated by the Yahoo example, businesses get interrupted and fail if they don’t have sufficient backups. We’ve seen a number of recent ransomware attacks where virtualised backups have also been destroyed.

Look no further than NotPetya which took down Cadbury’s chocolate factory in Hobart, Tasmania, as well as law firm DLA Piper Ltd.

The same attack cost Maersk, the world’s largest container ship and supply vessel operator, up to $300m in lost revenue because the company didn’t have backups in place.

The risk is real, but so too is the opportunity to detect ransomware in your network and mitigate risk. You need visibility into the validity of backups.

Enterprise backup solutions create detailed logs of all their activity, monitor the file output from these tools, and leverage the information in alerts and dashboards to confirm that critical systems are being backed up.

Attack capabilities have evolved beyond traditional detection boundaries. The major data breaches of 2017 are providing fertile grounds for new waves of ransomware and phishing, as attack vectors will continue to shift across the technology stack.

If you ask yourself now – How prepared is my organisation? How much visibility do we have of a potential IT disaster? – you’re already one step closer to recovering your systems from the disruptions of tomorrow.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
NVIDIA sets records with their enterprise AI
The new MLPerf benchmark suite measures a wide range of deep learning workloads, aiming to serve as the industry’s first objective AI benchmark suite.
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.