Today’s evolved threats demand practical cyber resilience
Wherever cyberattacks loom like an ever-present threat, achieving data resilience has become crucial for modern enterprises.
It’s important for organizations to prioritize and understand the significance of data resilience, according to Del Hoobler (pictured), principal storage software advanced technology specialist at IBM Corp.
“It’s different nowadays — there’s a serious threat against us,” Hoobler said. “These guys are after our data. And to be data resilient, you have to keep the bad guys out, but you have to assume they’ll get in. So, you have to put your perimeter defenses up, but you need to make sure your copies of data are secure and cannot be messed with.”
Hoobler spoke with theCUBE industry analyst Rob Strechay at the “Beyond Firewalls: Resilience Strategies for All” event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed what it means for enterprises to build data resilience in the face of evolving threats. (* Disclosure below.)
The urgency of data resilience
The urgency of data resilience is palpable and has significantly increased over the past five years. Organizations must recognize that cyber resilience is no longer optional; it is imperative for business survival. Cyberattacks have escalated to a level where they can disrupt critical infrastructure and pose a direct threat to human lives. A real-life example that underscores this urgency is the Metro-Goldwyn-Mayer Inc. attack, according to Hoobler.
“Everybody probably knows about the MGM attack already now — I was there right when it was happening,” he said. “Experiencing something like that firsthand, it’s like, wow, these guys aren’t just attacking casinos, they’re attacking hospitals — they’re attacking infrastructure. They don’t care who they’re attacking if they can get money from them. And now you’ve got cyber warfare out there, which really is about I don’t care about extorting your data.”
The incident highlights the audacity of cybercriminals, who are no longer just targeting casinos but are attacking critical infrastructure, such as hospitals. In this evolving landscape, cyberattacks are not merely about extortion; they aim to bring down entire systems, leaving no room for complacency.
“This is a real mission for me now because it’s not just a backup anymore,” Hoobler noted. “It’s critical data that they’re after [in] trying to bring us down, and so it’s really really exciting to be able to levy this attack against them.”
Starting the journey to cyber resilience
For organizations, especially smaller ones that may feel overwhelmed by the prospect of achieving cyber resilience, the key is to start the journey incrementally, according to Hoobler. The first step is crucial, as business continuity depends on it. Companies must acknowledge that they can’t do everything at once and should begin by taking the first step toward data resilience.
“You can take baby steps — cybersecurity [and] data resilience is not about an on/off switch,” Hoobler explained. “It’s a spectrum, from very weak to very strong. You never can be perfectly data resilient. The most important thing is to get started.”
A valuable tool in this journey is IBM’s Cyber Resiliency Assessment, available for free, irrespective of the technology stack an organization employs. This assessment is not an audit, but a conversation with security, storage and infrastructure teams, aimed at identifying the organization’s strengths and weaknesses in data resilience, according to Hoobler. It provides a baseline from which organizations can improve their standing.
“We come, we sit down very, very informally with your security team, your storage team and your infrastructure team, and we just ask you some questions,” he explained. “We don’t ask if you’re using IBM; we don’t ask if you’re using XYZ. We ask you basic questions that say, ‘Do you have a plan? Have you tested your plan?”
Practically speaking, the first step toward data resilience is encryption, since attackers will first try to harness the data to exploit companies and their customers, Hoobler added. Next up is immutability to shore up data backups and keep attackers completely locked out.
“If your snapshots and your backups are locked and secure, guess what? You have somewhere to restore from if they go after your primary data,” he said. “So, just take that first step, take that assessment. And we can help you when you start taking those right steps to get cyber resilient.”
(* Disclosure: TheCUBE is a paid media partner for the “Beyond Firewalls: Resilience Strategies for All” event. Neither IBM Corp., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One-click below supports our mission to provide free, deep and relevant content.
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.