Prioritising cyber resilience in a cloud-first world

Despite complexity and cost, it's certainly worth devoting time to your organisation's cyber resilience strategy. Here's what to do.

There can be little doubt that cloud services and their associated applications are now deemed ‘business-critical’ to the majority of modern enterprises. With as many as 85 per cent of applications used by businesses expected to be SaaS-based by the close of the year, the growing importance of cyber resilience in a cloud-first world is fast becoming a non-negotiable reality.

However, the exponential growth of cloud has created gaps in cloud-native protection that represent a distinct challenge for organisations who need to ensure that their hybrid and multi-cloud environments are resilient enough to keep pace with the demands of today’s ‘always-on, always available’ business world.

Despite innovations that make it possible to recover data quickly in the event of a crisis, many businesses will face an uphill battle when it comes to rebuilding their cloud environments following a cyber breach. As a consequence, returning to ‘business as usual’ operations can take days or even weeks.

In a world where organisational resilience now depends on being able to bounce back from cyber incidents and restore operational cloud environments in a matter of minutes, a robust recovery strategy for cloud infrastructure is a must-have.

The cyber resilience conundrum

In recent years, the rising dependence on cloud has been fuelled by an exponential increase in data generated by IoT and AI technologies.

As enterprises ramp up their AI deployments, they are utilising hyperscalers such as AWS and Amazon to accommodate their rapidly escalating data storage and processing requirements. This, of course, includes retaining ever-increasing volumes of data to comply with AI regulatory obligations and ensure that the output of AI models can be scrutinised for years to come.

While offering compelling cost efficiencies, scalability and fast deployment, the administration associated with public cloud is increasingly difficult to oversee. For example, managing expanding workloads across multiple cloud providers requires very specific and in-depth technical expertise. Meanwhile, since hyperscalers typically utilise proprietary security tools and protection layers, achieving consistent and reliable security enforcement can prove complex for internal IT teams tasked with the responsibility of appropriately configuring, monitoring, securing, and backing up their organisation’s cloud workloads.

Rethinking resilience with cloud in mind

The explosion of data across multi-cloud, hybrid and on-premises environments is a cause for concern among global CIOs, with 86 per cent saying it is beyond the ability of humans to manage.

Aware that the growing complexity of their multi-provider cloud environments exposes their critical data and puts their organisation’s business resilience at risk, these leaders need to be confident they can restore their sensitive data at speed. They also need certainty when it comes to rebuilding their cloud environment and recovering their distributed cloud applications.

To achieve these goals and minimise the risk of contamination resulting from ransomware, CIOs need to ensure their organisations implement a comprehensive cyber recovery plan that prioritises the recovery of both clean data and applications and mitigates downtime.

Cloud application recovery best practices

Preparing for recovery from cyberattacks differs from traditional disaster recovery planning that is designed to counter events such as accidental deletion or failures caused by hardware issues, power outages or natural disasters. For example, if ransomware is not isolated effectively, organisations risk reinfecting restored copies and back-ups when repairing their cloud applications.

When it comes to preparing the cyber recovery plan itself, the following guidance points should be kept in mind:

  • MVC definition
    Understand what constitutes the minimum viable company (MVC) that allows an organisation to maintain continuous business following an incident. Accept that not everything can be rebuilt immediately, define what the essentials are, and ensure that business leaders support this specific aspect of the plan.
  • Implement the right tools
    Ensure the right remediation and back-up processes are in place, including air-gapped and immutable copies for recovery.
  • Test, and test again
    When the unthinkable happens, teams need to be able to respond effectively under pressure. That means the resilience strategy must undergo real-world rigorous testing, including red teaming, to ensure nothing has been left to chance or theoretical speculation.
  • Utilise a cleanroom
    Ensuring a cleanroom capability is part of your chosen security platform will support the stress-free restoration of uncontaminated data and applications in the on-demand cloud environment.

Recovering what matters the most

Data recovery is just one aspect of cyber resilience for today’s cloud-powered enterprises. Rebuilding applications is an often-overlooked task that can prove a time-consuming and highly complex proposition when undertaken manually.

Having the capability to recover what matters the most quickly should be a tried and tested component of every cloud-first strategy. Fortunately, today’s advanced security platforms now feature automation and AI options that can facilitate this process in hours or minutes rather than days or weeks. This capability both streamlines recovery and minimises cost by enabling organisations to recover directly from cloud environments and launch cleanrooms on demand, closing these as soon as recovery and testing are completed.

In today’s increasingly volatile and unpredictable threat landscape, expediting data recovery and the rapid recovery of cloud applications is the gold standard for assuring cyber resilience. Organisations that appropriately reframe their thinking and invest in the right tools and training will be able to confidently rebuild their entire cloud environment and significantly increase their cyber resilience.

Darren Thomson is field CTO EMEAI at Commvault.
