May 07 2021

Dell Tech World 2021: Protecting Valuable Data From Cyberattacks

With ransomware continuing to threaten businesses and consumers alike, the need to protect data — no matter where it’s stored — cannot be overstated.

It’s impossible to put a value on the data your organization creates and collects, so it’s important to treat it as an asset and defend it with the protection it deserves.

Whether stored on-premises, in the cloud, or with a hybrid strategy, data is always vulnerable to attack, and cybercriminals are revising their attack techniques as quickly as new security tools are being developed.

Peter Gerr and Jim Shook of Dell Technologies spoke at this year’s Dell Technologies World about the prevalence of cybercrime, citing some recent high-profile ransomware attacks.

One case Shook mentioned involved “an extremely sophisticated attack where a nation-state worked into a software product and planted some malware. As that product was deployed, it was just leaping onto the good software, and they were evading all of the cybersecurity controls that that organization had in place to block them. They were in the front door before anybody knew.”

In another example, he mentioned a healthcare organization that also was taken down by ransomware. “As part of their obligations for being a public reporting company, they had to talk about material adverse events, and so they revealed that they lost about $67 million to the ransomware attack,” he said.

According to Shook, ransomware attacks are becoming more frequent and more expensive. Referring to research by Cybersecurity Ventures, Shook stated, “Last year, we had a cyber ransomware attack about every 39 seconds, and this year it’s every 11,” he said. “Most of the breaches are financially motivated, and the cost per organization has almost doubled, from $13 million last year to just under $25 million this year. Across all industries, that number’s skyrocketing from one to $6 trillion.”

 

A Resilient Cyber Strategy Includes Defense and Recovery

Shook stressed the need for cyber resilience as a part of any organization’s IT strategy.

“When we talk about cyber resilience, we’re really talking about a high level, holistic strategy that incorporates cybersecurity standards and guidelines and best practices across the organization.”

Gerr added, “Cyber resilience is really about being confident in your organization’s ability to recover from a disruptive event, cyberattack or other ransomware or malware attack.”

“What’s important to understand about cyber recovery is that it’s a component of a larger cyber resilience strategy, one that’s really focused on isolating business-critical data away from the attack surface, the operational air gap, and making sure that that critical data is stored immutably in a hardened vault, which will enable recovery post-attack,” Shook said.

READ MORE: Learn more about cybersecurity in a post-pandemic workspace.

Cyber Recovery Should Include These Key Components

According to Shook, any good cyber recovery solution should include three main components. “The first is isolation,” he said. “Now, this means both physical, via maybe a locked room on- premises in a data center, or off-premises in a cloud-based vault. It also means logical isolation, isolating the data and the management paths, isolating the command and control access separating the cyber recovery vault from the attack surface, from production and from backup environments,” he said.

The second component he listed was immutability, saying, “Dell defines immutability as both hardware and/or software working together with additional controls that ensure the original integrity and availability of the data in the vault is preserved.”

The final component he emphasized was intelligence. A good cyber recovery solution should apply “innovative and comprehensive tools like machine learning and AI within the security of the cyber recovery vault to identify potential cyberthreats and help identify whether data in the vault is recoverable,” he said.

Shook explained that these three components should work together to provide security for all of an organization’s data and to offer the best possible chance of recovering that data in the event of an attack.

Follow along with highlights from Dell Technologies World on our event page.

Getty Images/ Quardia