October is Cybersecurity Awareness month—as it has been each year since the White House and Congress first designated it in 2004. In other words, we’ve been officially reminding ourselves to be aware of hacker attacks for each of the past 18 years.
From where I sit, as a long-time information technology executive and as a current CIO, I know we must do more than simply be aware of the threat. We need to recognize that it’s a war with no end. The bad guys are simply too numerous, relentless and endlessly inventive. We are engaged in a protracted battle during which we need to expect temporary setbacks and losses.
Modern data security must start before data is compromised, so instead of reacting to the inevitable security breaches, we must proactively prepare for them. It’s the only way to quickly recover and get back to business.
Here are 3 key points about cybersecurity that I’ve learned in my more than 25 years of work in data-intensive industries:
1. Prepare for the IT collision. Have a plan for it.
When there’s a security breach, the first response within organizations can often be confrontational.
Too often a cybersecurity team will rush to IT asking: “Do we have a data back-up?”
IT replies: “Of course we do, but how did these guys get in?”
Don’t underestimate the impact a security breach will have on your team and its morale and sense of pride. It is critical to ensure that potential finger pointing never happens. Instead, focus on creating common understanding that cyberattacks are inevitable, and that we all need to collaborate on an orchestrated team response from the get-go. Leave egos outside the room and focus on the problem at hand.
Be sure to have an incident response plan, with clear definition of roles and responsibilities. That includes having a well-practiced recovery plan in place — with a communications plan for keeping your customers, partners, regulators and the public informed about the situation, a core component.
2. A good backup is half the battle. Practice your restore too.
The only thing better than a good backup is a great restore. If you can restore your data crown jewels, you have your best chance to resume normal business. But that depends on having a tested, clean back-up.
3. Organizations take various approaches to backing up their data as part of recovery preparedness. Too often, though, there’s a false sense of security. Take a layered approach to your defenses.
One of the most promising security innovations I’ve seen in recent years is deception technology—an approach that populates your network with potentially hundreds of decoys that appear to the attackers to be real network nodes. We have fully integrated these technologies into our software platform, in the form of Metallic ThreatWise, which can spot and intercept threats before they do damage.
The more hurdles you create and distractions to intruders you provide and chances for them to leave footprints, the more time you buy for yourself and your security team to detect and respond to these intruders.
As I’ve said, cyberattacks are inevitable. The only true defense is to recognize that fact and take a proactive approach to security — building it not only into your data network, but into your organization’s philosophy and culture.
By Reza Morakabati, CIO, Commvault