05 August 2021

Are the 4 Fundamentals of Cyber Resilience Enough?

In this blog, we’re going to discuss the importance of cyber resilience in challenging times. But fair warning, things aren’t about to get any easier. There are vital fundamentals that we can use to protect our IT landscapes, but are these enough? Or is it a case of evolving or dying a death?

 

Bad news first…

It’s an emerging trend. Traditional cyber-security measures aren’t enough anymore. Protecting organisations from the spate of persistent attacks feels like an unmanageable task.

In our last blog, we spoke about the growing number of cyber-attacks in 2021. And, we took a look at some of the major attacks over the last year. In a word, ransomware attacks alone are accelerating, fast. Both in pace and complexity. Let’s take a look at some statistics.

 

  • In 2020, the average business cost of a cyberattack was $3.86 million and it took over 200 days to detect the breach. (IBM)
  • Ransomware attacks cost businesses an estimated $20 billion in 2020, having grown by over 50 times since 2015. (Cybersecurity Ventures)
  • There will be nearly 3.5 million open cybersecurity jobs waiting to be filled this year, with over 500,000 open positions in the United States alone. (Netsparker)
  • 68% of business leaders felt the risk of a cyberattack increasing. (Accenture)

 

If you’re in the right job, these numbers won’t come as a surprise to you. But we implore you to ask yourself, ‘what am I doing about it?’. You might not have a clear answer. You might have a strategy that you’re yet to find time to execute (FYI, using Predatar can save a whopping 62% of your time. Fancy that? Find out more here).

But we digress. You may have a well-thought-out and constructed plan. Good for you. But this article might make you think again about how you’ve formulated that plan.

 

How many?!

There are endless ways a cyber-attack can present itself. But the top 3 types of cyber-attacks that cause mass disruption and cost are as follows:

 

Social Engineering

A manipulation technique that exploits human error to gain private information, access, or valuables. You could call it ‘human hacking’.

 

Ransomware

Yep, it’s the big one. We probably don’t need to remind you, but ransomware is a type of malware. The malware is used to infect a computer network, gain access to critical data, and then hold that data to ransom for a sky-high sum.

 

DDoS

A Distributed Denial of Service is a malicious network attack where hackers overwhelm a website with false traffic or requests.

 

The Good News

Cyber resiliency powers and accelerates business value. It helps enterprises prepare for, respond to and recover from cyber threats. Meaning, they can thrive in the face of adverse conditions.

The concept of cyber resilience is underpinned by the assumption that cyber-criminals will break down any network defenses intended to stop them. It’s a dismal outlook, we know. But it’s worth the strategy it fosters.

As part of a strategy, the following key components are fundamental in your planning. They will form your baseline plan.

 

  1. Encryption
  2. Immutability
  3. 3rd Copies
  4. Airgaps

 

Now, let’s go back to that all-important question: ‘what am I doing about it?’. We’re guessing that one or two of these things might have popped into your head when we asked you. But we’re here to tell you, these fundamentals aren’t enough.

Having these things can’t guarantee that your business, data, and infrastructure are protected. You’ll need to be able to answer the following questions for a robust cyber resiliency strategy.

 

  • How do you ensure your backups will recover?
  • How do you ensure those backups are clean?
  • How do you recover fast to a clean environment?

 

The answer lies in Recovery Orchestration. This technology allows you to automatically detect an intrusion and recover from it at the drop of a hat.

Having a strategy that includes recovery orchestration will help your business to:

 

Step up automatic tests

You’ll be able to make the most of intelligent automation and continuously test your backups, 24/7. You can also search for high-risk systems and prioritise accordingly.

 

Work out what’s infected

With ransomware recovery in place, you’ll have minimised your data loss and downtime. Ransomware Recovery Orchestration workflows will automatically search through your systems to find the newest backup that shows no signs of infection.

 

Put your systems into quarantine

In the event of an attack, you can protect the latest unaffected version of your data by isolating it in a safe place, either on-premise or in the cloud. Quarantining your data will allow you to assess your systems.

 

Check all your data is clean

Now your data is out of harm’s way, ransomware orchestration will automatically run all the necessary checks for you. It’ll scan through your backups to ensure all your data is completely clean.

 

Bring everything back

Once your systems have got the all-clear, you can instantly recover individual nodes or restore everything in one go. You can automate putting what you need back into your live environment.

 

Then, you’re good to go!
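The "work out what's infected" step above, as an added example (not Predatar's or IBM's code): walk the backups newest-first and return the first one with no signs of infection. The ransom-note names, the entropy threshold and the sample backups are all constructed assumptions; a real scanner uses many more signals.

```python
import hashlib
import math
from collections import Counter
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# Assumed indicators for illustration only (not from the article).
RANSOM_NOTE_NAMES = {"readme_to_decrypt.txt", "how_to_recover_files.txt"}
ENTROPY_THRESHOLD = 7.5        # bits per byte; encrypted data sits close to 8.0
MAX_HIGH_ENTROPY_RATIO = 0.5   # tolerate some legitimately compressed files


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


@dataclass
class Backup:
    taken_at: datetime
    files: dict  # path -> file content (bytes)


def infection_signs(backup: Backup) -> list:
    """Return human-readable reasons to distrust this backup (empty = clean)."""
    signs = []
    names = {path.rsplit("/", 1)[-1].lower() for path in backup.files}
    notes = sorted(names & RANSOM_NOTE_NAMES)
    if notes:
        signs.append("ransom note present: " + ", ".join(notes))
    high = [p for p, d in backup.files.items()
            if shannon_entropy(d) > ENTROPY_THRESHOLD]
    if backup.files and len(high) / len(backup.files) > MAX_HIGH_ENTROPY_RATIO:
        signs.append(f"{len(high)} of {len(backup.files)} files look encrypted")
    return signs


def newest_clean_backup(backups) -> Optional[Backup]:
    """Newest backup with no infection signs, or None if every one is suspect."""
    for backup in sorted(backups, key=lambda b: b.taken_at, reverse=True):
        if not infection_signs(backup):
            return backup
    return None


def pseudo_random(size: int) -> bytes:
    """Deterministic high-entropy bytes standing in for encrypted content."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest()
                    for i in range(size // 32))


# Constructed sample data: three nightly backups, the last taken after an attack.
TEXT = b"Quarterly revenue summary for the finance team.\n" * 80
SAMPLE = [
    Backup(datetime(2021, 8, 1), {"docs/report.txt": TEXT, "docs/notes.txt": TEXT}),
    Backup(datetime(2021, 8, 2), {"docs/report.txt": TEXT, "docs/notes.txt": TEXT,
                                  "docs/photos.zip": pseudo_random(4096)}),
    Backup(datetime(2021, 8, 3), {"docs/report.txt.locked": pseudo_random(4096),
                                  "docs/notes.txt.locked": pseudo_random(4096),
                                  "docs/README_TO_DECRYPT.txt": TEXT}),
]

if __name__ == "__main__":
    for b in SAMPLE:
        print(b.taken_at.date(), infection_signs(b) or "clean")
    print("restore from:", newest_clean_backup(SAMPLE).taken_at.date())
```

The ratio threshold is what keeps the 2 August backup usable: one compressed archive among plain files is normal, while a backup where most files are high-entropy is not.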

 

Predatar is at the forefront of disaster recovery automation and works intelligently with IBM Storage Protect. With Predatar on your side, you should never need to pay a ransom or lose your critical data. Use intelligent automation to maintain best practices and protect your business against data disasters. Contact us to find out more, or see for yourself how much money we could save you by using our online savings calculator.

 

 

Article By Nile Zahran | Head of Product Innovation 

 

 

 

Learn more about
Predatar recovery assurance

29 July 2021

Good vs REvil: The Dawn of Ransomware as a Service (RaaS)

Join us for a look back at the major ransomware attacks this year and the larger hierarchy behind modern attacks.

News of catastrophic cyber-attacks is a regular occurrence these days. So much so that we’ve become calloused to their causes and consequences. In a recent threat report by VMware Carbon Black, 94% of surveyed organisations had suffered a data breach at the hands of a cyber-attack, just in the last 12 months. Clearly, complacency is the last thing we need in the wake of these statistics. But what’s the best way to avoid complacency? How do we avoid falling victim to the new wave of malware?

 

The DarkSide of REvil

First and foremost, we must examine attacks to find common patterns. This is the most effective way for organisations to strategise and implement good defense practices. So, let’s take a look at some recent examples from this year.

Some of the most notable attacks have targeted Colonial Pipeline, meatpackers JBS SA and the national health service of Ireland; so, what’s the common pattern between each of these attacks?

They were all perpetrated by the hacking group known as DarkSide. But, if we zoom out a little, you’ll find the makers of the ransomware itself: REvil (also known as Sodinokibi). REvil operates as a ransomware as a service (RaaS) provider to multiple hacker cells.

Attacks used to be a series of isolated actors carrying out targeted campaigns. Now, a huge range of ransomware providers offer up the actual code to criminal groups who can then automate the planning time to strike their victims hard and fast.

 

The REvil business model

The ransomware produced by REvil targets both Windows and Linux systems by encrypting all files with RSA-1024 and RSA-4096. REvil sells its software as a toolkit for hackers to target specific organisations, all whilst collecting a commission from successful ransoms. After that, it’s a case of businesses either paying or not. In the latter case, REvil has been known to respond by publishing sensitive files online. Or, in the case of high-profile victims such as Apple, auctioning off files to the highest bidder.

The causes they expose and exploit are often down to insecure RDP servers or phishing attacks. Whilst both can be mitigated, the chance of falling victim to either should be a major concern to all. Securing a company against both may postpone a ransomware disaster, but won’t be much help when they’re then faced with the choices of paying a hefty ransom or frantically negotiating. For a front-seat view of what the attack would look like on your own desktop, watch this 2-minute video by Sophos.

 

The attack on Kaseya

Days before the 4th of July weekend, a brutal attack hit Kaseya, a company that provides VSA software to MSPs. By exploiting an authentication bypass vulnerability and elevating privileges, an installation package was sent off to dozens of Kaseya’s customers. But with around 30 MSPs being impacted, this meant that at least 1500 end users, many being SMEs, were in for a rude awakening. This was essentially a supply chain attack whereby a flaw in Kaseya’s software opened the gates to a host of unprepared SMEs. From Swedish grocery stores to US technology suppliers for NASA, all were directly impacted by REvil’s ransomware.

 

Preparing for the future

Cyberwarfare is becoming a prominent part of militaries around the world. So it’s likely REvil and similar groups aren’t going away anytime soon. Ransomware will remain a major problem for years to come. With organisations in the US having lost a combined total of over 7 billion dollars in 2019, and the industry expected to grow rapidly into the next decade, ransomware is a profitable venture. Cyber insurance offers up a monetary cushion for these situations. But it can’t recuperate the damage to reputation, business downtime and the bittersweet joy of bartering your ransom down to the nearest thousand.

The only way to stay assured is by taking constant backups of your organisation’s data. At which point, you can at least rest assured that if the worst is to happen, you can bounce back with minimal disruption to your business. You can learn more about that here, where we talk about how to prepare for ransomware attacks. In a nutshell, stay one step ahead with prepared counterattacks that can trip criminals up. Give them the satisfying faceplant that they deserve!

 

Article by  Nazish Malik


20 July 2021

Are IBM Gearing Up for a Cyber Revolution?

 

Well, do you?

The song, written and performed by the Beatles back in 1968, still rings true today. Revolutions, both large and small, are an ongoing – and much needed – part of society. In a modern, IT-driven world of interconnected devices and internet access from virtually anywhere, cyber-security is on the cusp of a digital revolution. And IBM is gearing up.

IBM recognises that cyber-security is a major risk for organisations. Just as cyber threats evolve over time, so must the tactics and strategies to defend against attacks. Few organisations are better equipped than IBM to offer comprehensive, end-to-end cyber-security solutions for customers.

Protect, Detect, Respond!

At the forefront of this strategy is IBM artificial intelligence, powered by IBM Watson. It’s an essential ingredient in providing the fundamental elements of cyber-security: Protect, Detect and Respond.

Each stage is key in a complete cyber resiliency strategy which places IT and security administrators under constant pressure. All too often, they’re not provided sufficient resources to defend against external threats, especially at scale.

Protecting on-premise and cloud environments against cyber-attacks involves a wide range of considerations. From user authentication and identity management, security of network core and edge access points, collaboration tools, centralised storage systems, virtual and physical servers. And, of course, the data protection solutions that are responsible to protect and recover the application ecosystem that drives the business.

Each area has a role and unique security requirements in order to protect against cyber-attacks, but as we have seen within the industry, attacks still occur. So, when they do occur, you need to ensure your detection capabilities are up to the task of accurately analysing and identifying threats that require immediate action. Once the threat has been accurately identified, the response plan must be initiated to repel the attack. Or, recovery plans should be initiated to eliminate the intrusion from the environment before it has been activated.  All of these elements are complex stages and absolutely require proper planning and the power of AI and automation to scale and respond.

What is IBM up to?

IBM is leveraging AI to give organisations the ability to respond to cyber incidents at scale. They’re also applying the same principles to modern and secure application development. You can view the video from IBM Cloud detailing IBM’s use of AI for Cybersecurity, narrated by Sridhar Muppidi, CTO of IBM Security.

 

Artificial Intelligence for Smarter Cybersecurity

https://www.youtube.com/watch?v=rH9-m7AhJhk

 

This video outlines IBM’s future vision for AI and Cybersecurity. But, we know that revolutions don’t occur overnight. For many organisations, there’s a clear and present threat to their data today. That poses the question, what can you institute today to protect, defend and respond? It’s a big question and it deserves a big answer, but as with any strategy each organisation will need to assess their strengths and weaknesses to determine where to focus their time, effort and investment.

Naturally, IBM has this covered too. Their CRAT (Cyber Resiliency Assessment Tool) is available today for no financial cost. It will give you a comprehensive analysis and a recommendation for an effective cyber resiliency plan. Visit the link below to review IBM’s CRAT (Cyber Resiliency Assessment Tool) and get started today.

 

CRAT (Cyber Resiliency Assessment Tool)

https://www.ibm.com/downloads/cas/W7VJLDPE

 

While there are tactical changes you can make today, part of your strategy for the future should be to align with the upcoming IT Revolution of hybrid cloud and containerisations, which brings inherent qualities that provide protection and isolation against today’s cyber attacks.


12 July 2021

Airgaps Assemble: S3 and Physical Tape

The last time we shared our thoughts on airgaps, we spoke about S3 and the idea that it can give you an airgap similar to the one you’ll get from using tape as part of your backup solution. You can read that blog here to give you a better insight into what we’re about to cover. But to save you some time, we concluded that S3 wasn’t quite the same. Any organisations considering using S3 have to weigh up whether the security offered by the tape airgap outweighs the benefits of using S3.

After we published our blog, one of our customers got in touch wanting to know more about the pros and the cons, and the additional judgments needing to be made when weighing up their options. And kudos to them, because it really got us thinking. Digging deeper into the pros and cons of each storage type could easily become a never-ending rabbit hole, so we’ve outlined everything as simply as we can, right here.

Unravelling Physical Tape

Firstly, let’s look at the grandfather clock of backup storage: physical tape. And, before we go on, you can read more about physical tape here, where we talk about backup and storage through the ages. It’s riveting stuff, really.

As we’ve already mentioned, tape is immutable. It’s simply not possible for somebody to write to a tape once it has been removed from the tape drive. There’s no chance that your data is going to get encrypted once it’s been stored there. The other major selling point for tape is capacity. An LTO-7 tape can store 6 TB of raw data (or 15 TB compressed), whilst LTO-8 has numbers of 12 TB raw and 30 TB compressed.

For organisations that are looking to retain a lot of data in an archive for a long time, the combination of security and capacity might be what encourages them to go for tape. Then, we have cost. Seems simple, right? But it’s just not as simple as it was a decade or so ago.

This is because the difference in the per TB cost between tape and disk is no longer the vast chasm that it once was. Over the last ten years, the cost of storing data on disk has fallen by over 80%. This means that whereas disk was once seen as a premium purchase, it’s now a commodity. So, how can tape compete?

Searching S3

Let’s look at some of the strong points of S3 storage in the Cloud. Most vendors will charge you for that S3 storage based purely on usage. If you are using 1 TB of storage, you’ll get billed for 1 TB. Hardened storage admins will know all too well how tricky it can be trying to eke out the last dregs of capacity in an overburdened array; that shouldn’t come into the equation with S3. In fact, the storage admin needs to be more focused on keeping the storage utilisation under control. With unlimited storage, it’s easy to use more than you really need.

As we’ve discussed, one of the flaws with any form of disk storage is that it’s never completely immutable. Although, that’s what your storage vendor might tell you. You might be told that your object storage is immutable because it doesn’t use the same protocol as your native file systems. And – or – because your backup application can only talk to it via API. But, there’s probably still the capability for a rogue actor to remove data directly from the buckets. In which case, you’d only find out when you tried to recover the data.

Winner winner, Tape or S3 for Dinner?

If things still feel a bit foggy to you, we’ll outline it here in a table. Each feature is marked out of 3 Predatar Approval Points.

If your priority is to preserve that airgap and to ensure that the data your company is keeping long-term is secure, storing that data on tape is going to be a compelling direction for you. If that’s not you, then you might want to consider the flexibility that you can get from S3. Just make sure that any security implications are taken into account before you start to use it.


01 July 2021

The Race to Resilience: How F1 isn’t unlike the race to stay ahead of backup and recovery

190 miles in 90 minutes, 6G in the turns and speeds of over 210mph. These are just some of the statistics that make F1 the global spectacle that it is.

All it takes to win is the fastest car and the best driver, right? Not quite. Take the Mercedes F1 team for example. For 7 years, they’ve been the team to beat but this year, they’re facing an evolved Red Bull team with a car and a driver to rival their own star of the show. For the first time since 2013, Red Bull are also leading both the constructors and the drivers’ championship.

 

Why is this, and what’s it got to do with cyber resilience?

We could just assume that their car and their driver are the stronger competitor, but there’s more to it than this. Over those 7 years, Red Bull have been evolving, innovating, and looking for ways to close the gap. In fact, they hold the world’s fastest pitstop ever (1.82 seconds!) for this very reason. In the meantime, they’ve also been working on developing a car and recruiting the right driver to rival Mercedes. In fact, it’s pretty clear that Mercedes have started to slip up. So, some might say that this has left Red Bull with a sturdier racing strategy with greater longevity and chance of success than Mercedes.

But hey, we hear you. You’re not here to learn more about F1, you’re here because you know that the world is undergoing a digital transformation, and this means you need to keep up. You might say, the race is on. Get it now? We thought you might.

 

The race to resiliency

Not unlike F1, the race to resiliency in an evolving digital world is highly competitive and pressurised. It takes agility, consistent development, investment, and commitment to continuous improvement. And, much like a sponsorship, it also requires selecting strategic partners to help you get to where you need to be. With these assets, businesses are in the game, but are they in a position to get ahead? Are they future-ready? Not necessarily.

 

Pitstops

You’ve got the car (the technology), you’ve got the driver (your partners, employees, and stakeholders), but are you practicing? At Predatar, we’d hazard a guess to say that many businesses are perhaps not practicing and testing their cyber resilience strategy as much as they ought to be. Even with the right tools, you’re not guaranteed foolproof cyber resiliency against advancing ransomware. We think an effective disaster recovery plan and continuous testing is the key to sustained success when you’re in the race to cyber resiliency.

But why aren’t businesses doing this more vigilantly? Simply, it’s complex, costly, and time-consuming. But without these investments, businesses will be making the same mistakes as Mercedes. Without practicing and testing on a regular basis, they won’t have the competitive edge they need because they will not be able to perform effectively enough when it’s most critical to do so.

 

Powering through

This is where automation comes in. By using automation to power resiliency, businesses will be able to greatly limit cost, reduce time and reduce the complexity of regular testing. As a result, when that critical time comes and ransomware takes hold of your important data, your backup and recovery processes will be operating like a well-oiled machine. Ransomware? More like ransom who! (We’ll let ourselves out after that one).

To round things off, if you want the competitive edge for your business’ cyber resilience strategy, contact us for some free advice on how you can quickly supercharge your IBM Storage Protect estate. We’re here to keep you one step ahead in the race for resiliency and ready for the finish line.

 


09 June 2021

What’s Life Like for IT Teams and Managers in 2021?

Welcome to the Summer of 2021. We’ve made it through what can only be described as a year and a half of both ordered and disordered chaos for much of the global population. From the onset of a global pandemic to fast and furious ransomware attacks on our world’s most seemingly secure industries. And let’s not forget, the general upheaval to everyday life – it’s been a challenge.

If I hear the phrase ‘remote working’ one more time…

One of the biggest issues the IT industry has faced globally is the switch to remote working. Yes, we know. You’ve heard it all before. But stay with us. Having to protect remote workers from cyber threats in the same way you would in an office is no easy task. It’s a process that includes maintaining cloud and on-premise office spaces; constrained budgets and unprecedented cost-cutting, all whilst trying to keep up with evolving technology.

Trying to do more with less has never been pushed on IT departments as much as it has been over the past year and a half. With stress levels boiling throughout major industries and cyber threats looming around every corner, the mental health of employees has been a casualty of war during the pandemic. For IT teams, keeping businesses afloat – and piecing together the strangeness of remote working company-wide – has been a particularly arduous and difficult task.

Of course, this is on top of the other trials and tribulations that the pandemic has had to offer. When your IT teams are fighting battles on both fronts, it can certainly feel a little hopeless at times. Maintaining a company’s infrastructure and cyber security at a time like this is a bitter pill to swallow. So, in the words of the late and great Robin Williams, be kind, always! This could mean taking a closer look at company culture; but it can also mean easing the pressure on your IT teams through various means, like automating tedious tasks, keeping your software up-to-date, or even implementing new, more efficient systems.

 

Incidents, incidents, incidents

Over the last year, the sheer number of blogs, articles, and reports on incidents and breaches is staggering. A quick look on the UK Government cyber page is enough nightmare fuel to power IT teams for a decade.

Let’s take a closer look at this.

“Four in ten businesses (39%) and a quarter of charities (26%) report having cyber security breaches or attacks in the last 12 months. Like previous years, this is higher among medium businesses (65%), large businesses (64%) and high-income charities (51%).

This year, fewer businesses are identifying breaches or attacks than in 2020 (when it was 46%), while the charity results are unchanged. This could be the result of a reduction in trading activity from businesses during the pandemic, which may have inadvertently made some businesses temporarily less detectable to attackers this year.

However, other quantitative and qualitative evidence from the study suggests that the risk level is potentially higher than ever under COVID-19, and that businesses are finding it harder to administer cyber security measures during the pandemic. For example, fewer businesses are now deploying security monitoring tools (35%, vs. 40% last year) or undertaking any form of user monitoring (32% vs. 38%). Therefore, this reduction among businesses possibly suggests that they are simply less aware than before of the breaches and attacks their staff are facing.”

And breathe. In short, get help. Get testing, get patching and voice your concerns business-wide.

 

So, what now?

Let’s be honest, we already knew that the IT landscape isn’t looking inviting in 2021. With sophisticated attacks (think Sony and SolarWinds) affecting so many companies, lying dormant for months, it’s hard to comprehend just how much damage has been done! When the tools you use to keep your business protected get compromised in an attack, it’s imperative you have a good backup strategy to get you safely and securely out of hot water.

So, we’re here to remind you that you’re not alone and to ask for help. These tips may just shed some light.

  1. Make a Disaster Recovery plan and test it! Not all systems are created equal, so some documentation goes a long way towards understanding how things work.
  2. Embrace multiple operating systems – Mix and match! Viruses are normally coded for a particular operating system *Cough, Windows*. Have at least one backup server on a different OS.
  3. Embrace the 3-2-1 Backup Model. The 3-2-1 backup strategy simply states that you should have 3 copies of your data (your production data and 2 backup copies) on two different media (disk and tape/cloud) with one copy off-site for disaster recovery
  4. Patch everything 4 times a year, at a minimum. If you can’t upgrade it and keep it secure, consider this: why do you still have it?
  5. Remind your users to engage their brains in opening emails and receiving files from people.
  6. Don’t just take that 3rd party’s word their new software is safe or even your own. Test it. Check it. Patch it.
  7. Embrace your shortcomings and reach out. Escalate it. Outsource work, or at the very least, try to spark up a conversation.
  8. If you’re using Storage Protect and are finding the admin and management of it troublesome, look into Predatar, or at the very least Predatar Insights
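Tips 2 and 3 above can be checked mechanically against a backup inventory. The following is an added example, not code from the original post; the inventory records, field names and site labels are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class DataCopy:
    dataset: str
    role: str        # "production" or "backup"
    medium: str      # e.g. "disk", "tape", "cloud"
    site: str        # where the copy physically lives
    server_os: str   # OS of the server holding or managing the copy


def check_backup_policy(copies) -> dict:
    """Map each dataset to a list of policy gaps (empty list = compliant).

    Checks the 3-2-1 model (production plus 2 backups, 2 media, 1 backup
    off-site) and the "one backup server on a different OS" tip.
    """
    by_dataset = defaultdict(list)
    for c in copies:
        by_dataset[c.dataset].append(c)

    findings = {}
    for dataset, items in by_dataset.items():
        prod = [c for c in items if c.role == "production"]
        backups = [c for c in items if c.role == "backup"]
        problems = []

        if len(prod) < 1 or len(backups) < 2:
            problems.append(
                f"need production + 2 backups, found {len(prod)} + {len(backups)}")
        if len({c.medium for c in items}) < 2:
            problems.append("all copies are on the same medium")
        prod_sites = {c.site for c in prod}
        if not any(c.site not in prod_sites for c in backups):
            problems.append("no backup copy is off-site")
        prod_os = {c.server_os for c in prod}
        if backups and all(c.server_os in prod_os for c in backups):
            problems.append("every backup server runs the same OS as production")

        findings[dataset] = problems
    return findings


# Constructed inventory for illustration.
INVENTORY = [
    DataCopy("finance-db", "production", "disk", "hq", "windows"),
    DataCopy("finance-db", "backup", "disk", "hq", "windows"),
    DataCopy("finance-db", "backup", "tape", "vault", "linux"),
    DataCopy("file-share", "production", "disk", "hq", "windows"),
    DataCopy("file-share", "backup", "disk", "hq", "windows"),
    DataCopy("mail", "production", "disk", "hq", "windows"),
    DataCopy("mail", "backup", "disk", "hq", "windows"),
    DataCopy("mail", "backup", "cloud", "cloud-eu", "windows"),
]

if __name__ == "__main__":
    for dataset, problems in check_backup_policy(INVENTORY).items():
        print(dataset, "->", problems or "OK")
```

The "mail" dataset shows why the two tips are separate checks: it satisfies 3-2-1 yet every copy sits behind the same operating system.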

 

To conclude as it were, it’s tough out there. If you’re concerned about the management of your infrastructure, give us a call or drop us an email. We may have the right solution, even if it’s just an airgap for your backups on-premise or in the cloud. Look after your infrastructure, but more importantly, look after your people.

 

Signing off!

Blog written by | Anton James | IT Manager, Predatar

 

 

 

 

 

 

 


26 May 2021

How Important are Airgaps for Increased Cyber Resiliency?

Short answer? Very important. When customers are talking to us about the security of their backups, there are some phrases that come up again and again. The unforgiving reality of ransomware attacks is beginning to sink in, and ‘if’ has become ‘when’. So, whilst your backup environment might be the recovery repository of your last resort, it’s important to ensure that environment is also uncompromised.

So, what about those terms and phrases that we keep hearing? You won’t be surprised to know that a lot of our customers are asking about immutable backups and airgaps. Sometimes, they’re considering going old school and making a copy of their data to tape, just to be on the safe side. And with an increasing threat vector, we think it’s great that people are becoming more aware of these issues. Even if you haven’t fallen victim to ransomware, it’s important to consider how your business would respond in the event of a disaster.

What is an airgap?

But what is an airgap? In short, an airgap is a security measure that ensures a secure network is isolated from an unsecured network. In which case, there’s no doubt that you should be thinking about them. And, more importantly, considering whether a physical or virtual airgap is the right choice for you and your business. A physical airgap will undoubtedly give you a greater measure of security and resilience against ransomware, but you may have to make compromises around data availability. So, you need to be asking yourself: which risk is the most important to mitigate?

Physical airgaps

Your tapes can only get written to when they are mounted on a drive, but there are good reasons why organisations have moved away from tape; the lack of speed when it comes to recoverability and a reduction in costs for disk-based backup to name just two.  But if you are only storing your backup data on disk, you’re going to run into some issues eventually, even more now than ever before. If you’re storing your critical backup data on a filesystem that’s within your current infrastructure, you’ve got to do your best to make sure that it’s not open to the same risks.

  • Is your data stored on a standard Windows filesystem?
  • Is that system regularly patched?
  • Is that system on the domain and thus accessible by the same domain IDs that can access other machines on the network?

It probably sounds like we’re telling you to assume the worst. And you’d be right, that’s exactly what we’re telling you to do. Always suppose that somebody unauthorised will try to get into your systems, and then make it as challenging as possible for that to happen. If that makes it harder for Backup Administrators to get into the infrastructure as well, good. It’s a job well done.

Virtual airgaps

But what about a virtual air gap? And can it give you the same level of security that you’d get from a physical airgap?

Let’s consider the scenario where you’re starting to use a connection to cloud infrastructure. You continue to store the copy of your data on Windows-based infrastructure in the cloud. In this case, although you may be taking advantage of the distance and the HTTP cloud connection, your Windows server is still going to be at risk. Ask yourself the following questions about your data security:

  • Is it accessible via public IP?
  • Are you ensuring the patching of that server is up to date?
  • Is it as secure (or more secure) than your on-premise environments?

Rather than storing the data on a traditional filesystem within the cloud, you’ll get more security if you’re storing the additional copy of the data on Object Storage using the S3 Protocol. You can take advantage of redundancy or snapshots on offer from the Cloud Provider, and the data is generally only going to be accessible if you have access to it via API. That’s less exposed than relying on AD authentication. Whilst it doesn’t give you the full immutability that you’d have if you were storing that copy on offsite tape, you might find that it’s the compromise that you’re willing to take between Data Availability and Data Security.

Fancy learning more about airgaps or what you can do to ensure your networks are kept secure? Give our experts a call here or drop us an email at info@predatar.com

Learn more about
Predatar recovery assurance

12 March 2021

Why We Need to Modernise Data Protection: A Look Back in Time

If you’re in the tech industry, you’ll no doubt have heard the term ‘modernisation’. So, why do organisations need to modernise and transform their data protection systems? We’re always assuming that organisations are looking to modernise. But, it’s worth us looking back now and then to understand what the drivers are for modernisation.

So, let’s cut to the chase. Simply put, workloads and customer requirements have changed. Data protection needs to evolve just to keep pace, let alone stay ahead.

Ten years ago…

Your organisation may have developed a strategy around storing your backup data on tape. One copy of that data would reside in a tape library on-premise whilst the second copy would get taken away in a van and stored at a third-party provider. When you’d need to execute a disaster recovery, you had to transport staff offsite to the third-party provider. Only then could you perform recoveries using that second tape copy.

Five years ago…

You might have managed to eliminate tape from the environment. Instead of sending that second copy offsite, you might be sending it to your disaster recovery site via a secure network link. Then, in the event of a cyber attack, your staff could dial in and do things remotely. At this point, your infrastructure might have even been predominantly virtual machines. This meant recoveries were much faster.

What about now?

Now, you might have applications in multiple locations. You might have moved your email servers from Microsoft Exchange to Exchange Online. You might have even done the same with SharePoint. You might also have virtual machines in a public cloud. Maybe Azure, maybe IBM.

It’s clear that you’ve modernised in more ways than one. But, many organisations still have infrastructure sitting on-premise. This is either because of choice or because of circumstance. Of course, that’s not to say that on-premise doesn’t have its place; it does. The bottom line is you still need to protect all these systems, wherever they may be.

Testing, testing, testing

Then, there’s the question of disaster recovery testing. Ten years ago, it might have been acceptable to test your disaster recovery functions once a year. That’s not going to cut it anymore. Organisations are looking to test their future readiness on a regular basis. You want to know that your systems will recover when you want them to, and you want them to do it fast.

What now?

All these requirements lead to a modernisation of the data protection solution, which can take many forms. You might want to extend your system by finding a way to protect that cloud workload. You might have an always-on requirement for some of your critical apps. Or, you might want to transport all of your backups into a new solution that meets all of your needs. You might even want to get a new solution for the new workload. That way, you can leave the legacy workload in an environment that meets that particular need.

Data protection is the final port of call for data resilience. This means that modernising it is a crucial step to achieve optimal resilience for you and your business. Organisations must ensure that the copy of their last resort is there when they need it. More importantly, they need to ensure this is the case across the entirety of their infrastructure. As that infrastructure changes, data protection needs to keep pace.

For more information on modernising your data protection environments, you can view a whitepaper that Evaluator Group has produced in partnership with Predatar here.


11 March 2021

Podcast: Will the IBM elephant dance again?

Over the last 18 months, a lot has been going on at IBM.

It has purchased Red Hat, plans to spin out its managed services business and promoted new leadership. A generational shift is underway to position itself as the leader in open hybrid cloud.

Are these decisions too bold or are they too little too late? Sit back and listen, then let us know what YOU think.

Al and Rick begin by discussing IBM’s decision to essentially split the business in two, with its Global Technology Services arm due to be spun out in 2021. This is followed by their thoughts on the acquisition of Red Hat as the engine to return the business to revenue growth. Finally, what does this mean for IBM’s overall culture and the technology platform it is building?


25 February 2021

Preparing for Ransomware Attacks

It’s becoming a harsh reality that despite your best efforts to protect your businesses from ransomware threats, cybercriminals are always finding new ways to do their dirty work. Attacks are becoming more elaborate and stealthier. In other words, digital transformation isn’t just happening to the good guys. When you get your hands on new technology, the typical threat actor won’t be far behind you.

Out with the old, in with the new (and improved)

This is why it’s crucial to modernize your backup and recovery. New attack tools and methods are the MO of successful attacks, so it’s not enough to just keep up. You need to be ahead of the game. Typically, staying ahead of the game falls to your security professionals who do whatever is within their power to rescue your data post-attack. This often occurs when ransom negotiations are already actively underway. So, it’ll come as no surprise to you that time is of the essence at that stage. Anything and everything that can be done to prepare for an attack should be done in advance.

Are you tough enough?

In one of our previous blogs on recovering from a ransomware attack, we discuss a similar concept. Scrupulous planning, design, and attention to detail are all important factors in being cyber resilient. But the real resiliency lies in the flexibility of people, processes, and technology to address novel threats. The exact nature of attacks and ransom demands is always difficult to predict. But all is not lost: a few key measures go a long way in softening the blow of attacks and improving your protection.

Optimizing your backup environments

But what happens when the threat actors have penetrated the backup environment itself? It’s a difficult situation, but all is not lost. If you’re prepared with a simple, automated process in the event of an attack, you’ll likely be able to recover the majority, if not all, of your data. At Predatar, using the Predatar platform, we add layers of automated cyber resiliency to the backup application itself. We do this by alerting to intrusive behavior or unusual user activity. The platform also provides a forensic command search feature. This feature can be applied worldwide and allows you to detect and block strange activity.

What about people power?

Automation is key to optimizing your backups, but it’s not always one-size-fits-all. A variety of talent and skills amongst your people is imperative. On some occasions, the Predatar platform may not be alerted to the compromise by network security. This can happen if the attack MO is particularly unusual or complex, in which case the platform may be unable to detect the attack through an IoC backup scan or deviation alarm. So, what then? The platform harbors another layer of resiliency. Any qualified Predatar user can sound the alarm and describe the details of the attack, its signature and the extent of the infection.

At this point, all decision-makers and everyone with the correct permissions will be notified. In the meantime, Predatar automatically searches for and recovers critical assets to a quarantine area. There they will stay until given the all-clear to be moved into production or an alternative environment. Finally, all those assembled will be able to inspect the recovered files and devise a plan of action.
