Credit: Dell Technologies
Credit: Dell Technologies Channel Asia Q&A with Saravanan Krishnan, General Manager, Data Protection Solutions, South Asia, Dell Technologies
1. Since Covid-19 came to light, businesses have been in a constant state of flux, what do these changes mean for cyber security?
In the world of cyber security, one thing is certain – change. Firms would constantly patch, upgrade and deploy new solutions to keep up with new malware.
The pandemic introduced some new variables into that equation and has helped accelerate the pace of change needed to keep up, with firms pushing digital transformation initiatives into overdrive to stay competitive and facilitate new business enablement scenarios.
This has led to a fair bit of anxiety for IT decision makers (ITDMs) across the Asia-Pacific and Japan (APJ) region. The 2021 Dell Technologies GDPI survey of 1,000 global IT decision makers, 250 of which were from APJ, highlights that firms are managing more than 10 times the data they did five years ago. Firms are grappling with continued data growth and increased data protection complexities.
Close to three quarters of those surveyed in APJ were worried about increased exposure to data loss from cyber threats due to the growth in number of employees working remotely. IT leaders also cited concerns about being able to cope with malware and ransomware.
Emerging technologies such as AI and machine learning, containers and cloud-native applications were also identified as another cause of anxiety for them with “the lack of data protection solutions for newer technologies” being one of their top three data protection challenges.
In the age of increasing cyber threats, the stakes have never been higher and protecting data has never been more complex. The catch is that it is increasingly becoming clear that staying ahead of threat actors is not always going to be possible.
Firms are starting to accept that breaches are anything but inevitable. This represents a fundamental shift in “cyber security,” and means that organisations will be looking for partners with an extended set of solutions and capabilities on offer to help them navigate a threat landscape where the key question is not, “am I compromised,” but “when will I be compromised.”
2. If organisations have to start planning for inevitable breaches, does this mean we have lost the data protection war? Where do cyber security partners go from here?
It is far from game over for data protection. As an industry, we must start to evolve from being keenly focused on cyber security, and move towards embracing cyber resilience.
This means being prepared for cyberattacks, and their aftermath. However, the majority of ITDMs across APJ (82%) have expressed concerns over their current data protection solutions not being able to handle future business challenges. This could be costly as our research also shows that the estimated cost of unplanned downtime over the past 12 months averaged at USD$454,000. A proper cyber resilience strategy could go some ways to mitigate that.
Cyber resilience requires organisations to focus on the ability to respond to an attack, mitigating damage while protecting critical data and enabling recovery with assured data integrity to restore business continuity.
We are starting to see that cyber recovery solutions and services are an essential component of an overall cyber resilience strategy – cyber recovery solutions and services reduce the risk of damage to critical data, and the organisation itself, from cyberattacks.
To address this growing market need, we have together with our channel partners, helped develop robust and flexible cyber recovery solutions to enable organisations to become cyber resilient entities.
With an increased focus on cyber resilience, and not just cyber security, there is a clear opportunity for deeper and more valuable collaboration between service providers and end users. However, with cyber resiliency demanding a wider set of skills and solutions, the opportunity will be captured by the channel players who adapt to these needs.
3. What are the priorities in establishing cyber resilience?
In addition to the defences that prevent cyberattacks, firms need an effective data recovery framework which would ideally be built around three key components: data isolation, data immutability and data intelligence. This will equate to having physical and logical separation of data within an air-gapped vault, the preservation of data integrity and confidentiality with layers of security and controls, and the use of machine learning and analytics to help ensure recoverability.
The isolation of data in particular has been identified by several regulators and industry bodies as a best practice for cyber resilience. The Hong Kong Monetary Authority, the Singapore Computer Emergency Response Team and the Australian Cyber Security Centre are some examples of organisations that have recommended the use of air-gapped solution for backing up data. We work with multiple partners in the region to enable the provisioning of data vaults to serve as a last line of defence against cyberattacks.
Dell EMC PowerProtect Cyber Recovery automates workflows end-to-end to protect critical data, identify suspicious activity, and perform data recovery when required. The Cyber Recovery vault is disconnected from the network via an automated air gap and stores all critical data off-network to isolate it from attack. This promotes business resiliency, provides assurance following extreme data loss or destruction and includes both business and technology configuration data to enable rapid recovery of the environment and resumption of normal business operations.
It is also important to leverage an AI/ML analytics tool that is able to audit data and detect indicators of compromise and attacks such as CyberSense which is integrated with Dell EMC PowerProtect Cyber Recovery. CyberSense is constantly monitoring data integrity within the vault and detects mass deletions, encryption, and over 100 types of changes in files and databases that result from common attacks. If signs of corruption are detected, an alert is generated, with the attack vector and listing of files affected. This enables business operations to continue with minimal or no interruption and quickly rather than within many weeks or month.
The data sequestered away in a data vault would be selected based on the firm’s review of the accessibility and sensitivity of its data sets. Typically, we see firms focus on covering between 10 to 20 percent of its data with cyber resilience strategies.
4. How should organisations approach partners and consultancies when it comes to building their strategies to ensure cyber resilience?
The Dell Technologies 2021 GDPI survey revealed that firms working with a single data protection vendor obtained better outcomes than those using multiple vendors in terms of data lost as well as the cost of downtime. They were also less likely to experience cyberattacks or cyber incidents.
I would suggest that a preferred provider is one that is selective about the solutions they use and offer. They should offer scalability, strong DevOps capabilities, and flexibility. This means they should have the capabilities to roll out across multiple environments and be able to support legacy technologies as well.
Additionally, partners need to remain innovative, as we are seeing attack vectors constantly evolve as IT priorities remain fluid. Vendors and partners need to be committed to continuous innovation to make sure they keep up with the threat landscape.
To find out more about the Dell Technologies Security offerings visit our website.
