A cyber resilient mindset focuses less on blocking every attack than it does on bouncing back from breaches and reducing downtime.
The amount of acceptable downtime varies per organization. “How long can your company survive being down?” Washburn asked. “For some, it’s one to three days. That downtime must be spent in an environment that offers both compute resources and guaranteed isolation from reinfection.”
Why Data Resiliency Is the New Cyber Resiliency
For Rashid Rodriguez, cyber resiliency practice lead at CDW, “data resiliency is a kind of cyber resiliency,” he said. In other words, how fast can your team recover lost data and respond to an incident? “You don’t know how long a threat actor has been hiding in your environment,” he said. That’s why a “multistep approach is key,” added Gary McIntyre, managing director of cyber defense at CDW. To achieve data resiliency, experts suggested immutable storage, continuous data validation and an isolated recovery environment.
FIND OUT: How to build a modern cyber recovery environment.
An isolated, secure environment helps teams evaluate compromised data and validate clean backups. “Customers often say it’s not worth it,” Rodriguez says, “but when production is hit, this becomes essential.”
These clean rooms, also referred to as cyber recovery environments, are organization’s last line of defense. They help teams restore operations after an attack, McIntyre writes in a CDW blog.
Typically, a CRE includes immutable storage, strict access controls, regular data validation and test simulations so teams can keep operations running during an incident.
Click the banner below to become an Insider and gain exclusive insights after the CDW Executive SummIT.