Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?

It was a year ago when the Rhysida ransomware gang made the headlines when it attacked the British Library’s systems, resulting in major disruption and the theft of service users’ data, which was leaked when the British Library refused to co-operate.

Since then, we’ve all witnessed the chaos that erupted from the more recent global outage that made headlines and affected systems across the world. While not a traditional data attack, it’s been estimated to cost businesses up to $1.5 billion and is proof that no organisation can afford to be complacent regarding downtime. 

Lessons, of course, have been learnt. The British Library, in fact, opted for full transparency in the aftermath, publishing details of the intrusion and its response. Meanwhile, CrowdStrike apologised for the faulty software update that led to system crashes at banks, airlines, healthcare, media companies, hotel chains and more.

So, what have we learnt? An organisation’s ability to reliably recover systems and data is non-negotiable. There is absolutely no room for doubt – and if there is, any uncertainty needs to be identified and addressed before disaster strikes. 

Absolute confidence in data recovery
It’s concerning that in recent study we undertook among senior IT professionals in the UK, 78% of respondents admitted they had suffered data loss due to system failure, human error or a cyberattack at least once in the past 12 months.

Yet only just over half (54%) said they are confident they could recover their data and mitigate downtime in a future disaster. 

The fact that only just over half of respondents think their data is recoverable is a concern; this figure should be much nearer to 100%. Otherwise, how can your readiness for recoverability be reported confidently to the business and senior stakeholders? Confidence comes from identifying an organisation’s realistic needs, without compromising on cost or making sure you have the right tools for the job.

Meeting the testing ‘gold standard’
Confidence also comes from thoroughly and repeatedly testing systems and disaster recovery (DR) processes. So, it was surprising to see that of the UK IT professionals interviewed, one in five say they test just once a year or less, while 60% of respondents check their data is fully recoverable and usable once every six months. Just 5% say they test monthly (below). 

We advocate for a ‘gold standard’ for DR testing – twice-yearly, non-invasive full failover tests supported by monthly system boot tests and data integrity checks. In addition to rigorous data validation, testing the ability of workloads (applications and data) for failover capabilities needs to be designed into the recovery plan. This should also allow for network and connectivity testing, a critical and often overlooked component in the testing process.

The challenge is that many technologies deployed today to recover systems and data do not allow for non-disruptive testing. While testing can be carried out, these tests can never be thorough enough without significant disruption and, as a result, deliver a compromised test. 

Organisations need to put in place a well-structured recovery environment to optimise data recovery testing and ensure it can be conducted in the least disruptive way to the business. There are sophisticated solutions now that run testing without consuming vital resources or impacting the day-to-day production environment, which means business-as-usual.

Making data recovery part of business ‘fitness agenda’
When it comes to the core challenges in DR planning, our survey respondents were clear in what they are lacking from the business, with 39% pointing to a lack of skills or expertise in-house, 29% to a lack of investment or budget, and 28% to a lack of senior support. 

A lack of top-down support can foster a culture of complacency, even apathy. If those responsible for protecting and recovering the business in the event of a data issue or cybersecurity attack do not feel that it’s being taken seriously enough, then their approach and attitude may well reflect this.

Aligned to a thorough testing regime is the confidence to report that systems are recoverable, and the business is in a state of readiness to respond. A secondary benefit is that it fosters a culture of professionalism regarding an aspect of IT that often sits in the shadows until it is needed.

To some extent, I think what we’re seeing from this study is a ‘Titanic mindset’ to data recovery, which is potentially putting data - and businesses - at risk. Organisations, it seems, think they are unsinkable -  until they’re not. 

Stephen Young is Executive Director at Assurestor

Image:  SerrNovik

You Might Also Read: 

Make Sure Your Disaster Recovery Plan Works When You Need It Most:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Preparing IT Teams For The Next AI Wave
Increase Security For Your Enterprise Cloud With A Next-Generation Firewall »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CDW

CDW

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada.

NXP Semiconductors

NXP Semiconductors

NXP is a world leader in secure connectivity solutions for embedded applications and the Internet of Things.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

M12

M12

M12 (formerly Microsoft Ventures) is the corporate venture capital subsidiary of Microsoft.

Nokia

Nokia

Nokia is a proven leader in fixed, mobile and IoT security offering capabilities that range from systems design to integration and support.

HighPoint

HighPoint

HighPoint is a leading technology infrastructure solutions provider offering consultancy, solutions and managed services for network infrastructure and cybersecurity.

Cyberwatch Finland

Cyberwatch Finland

Cyberwatch Finland's services improve decision-makers’ strategic situational picture and enable successful holistic cyber risk management.

Catalogic Software

Catalogic Software

Catalogic helps clients backup, recover, manage, and protect their data across their enterprise and cloud environments with Smart Data Protection solutions.

UM6P Ventures

UM6P Ventures

UM6P Ventures is an African based early-stage ventures firm operating two funds; a Digital Transformation fund and a Deeptech Ventures fund.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

Arakyta

Arakyta

Arakÿta specializes in business strategy, work flow process and IT systems for organizations.

Rescana

Rescana

Rescana offers a cyber risk management platform with the vision to remove the security team bottlenecks, accelerating business processes that require risk assessment.

DHCO IT

DHCO IT

The DHCO IT team are experts in IT support, cyber security, cloud support and disaster recovery, and are Microsoft 365 partners.

AccessIT Group

AccessIT Group

AccessIT Group is a specialized cybersecurity solutions provider offering a full range of advanced security services.

Vambrace Cybersecurity

Vambrace Cybersecurity

Vambrace is an experienced cybersecurity consultancy and operations outsourcer helping you to secure your business in an increasingly-hostile cyber environment.

Post-Quantum Cryptography Alliance (PQCA)

Post-Quantum Cryptography Alliance (PQCA)

The alliance seeks to address cryptographic security challenges posed by quantum computing by producing high-assurance software implementations of standardized algorithms.