Everyone's being told they should have a Cybersecurity strategy, but where do you start? Hacker detection systems?
As a business owner or IT manager, you'd likely argue you don’t have hackers in your network right now and in all probability, you'd be right, maybe. But that might not be true tomorrow, or next week, next month or even in an hour's time. It might not be a hacker who has targeted you, but simply malware that has found a way to wheedle its way into your network with some employee phishing, or simply a drive-by of your Internet connection which had an exposed vulnerability.
You might find out about that soon, or it could sit dormant for a while, discovering your network, waiting to be activated. But, when it pounces, you better be ready.
Having alarm bells go off because your hacker detection system has finally spotted something is of little value if the damage has already been done. It's a bit like your company burglar alarm system failing to detect the break-in, but only ringing as the thieves break their way out. By the time you react, they're long gone. It's not unheard of for hackers to first of all disable the hacker detection software.
If it's malware it might have encrypted all your files. Far too many companies are having to pay the ransom because they had zero backup. Then they pray the decryption key arrives and works. With a great Backup and DR system, you can be back operational in a time-frame measured in minutes. However, if you only back up once a day, overnight, you could lose all of today's work, or more if last night's backup had failed. It's not unheard of for hackers to disable the backup systems. Would you know if your backups were actually taking place? When was that last checked and tested?
What would you do if rather than a big-bang encryption of your files, malware had been sitting in your network for weeks, silently altering data in your spreadsheets and documents. How would you track through your backups to determine what might have been maliciously been altered?
Your Backup and DR system needs to be fit for purpose. What was fit for purpose a few years ago may be woefully inadequate today. It's no longer just about backing up data in the event someone deletes some files or a hard drive fails.
Today's Backup and DR system needs to be the foundation of your Cybersecurity strategy.
“When all else fails, it's your Backup and DR system that'll save your company. It better be epic.”
Our next blog post will discuss the key features you should have in your Backup and DR system.