Are Businesses Adopting A ‘Titanic Mindset’ To Data Recovery?

A year ago, the Rhysida ransomware gang made headlines when it attacked the British Library’s systems, resulting in major disruption and the theft of service users’ data, which was leaked when the British Library refused to co-operate.

Since then, we’ve all witnessed the chaos that erupted from the more recent global outage that made headlines and affected systems across the world. While not a traditional data attack, it’s been estimated to cost businesses up to $1.5 billion and is proof that no organisation can afford to be complacent regarding downtime. 

Lessons, of course, have been learnt. The British Library, in fact, opted for full transparency in the aftermath, publishing details of the intrusion and its response. Meanwhile, CrowdStrike apologised for the faulty software update that led to system crashes at banks, airlines, healthcare, media companies, hotel chains and more.

So, what have we learnt? An organisation’s ability to reliably recover systems and data is non-negotiable. There is absolutely no room for doubt – and if there is, any uncertainty needs to be identified and addressed before disaster strikes. 

Absolute confidence in data recovery
It’s concerning that in a recent study we undertook among senior IT professionals in the UK, 78% of respondents admitted they had suffered data loss due to system failure, human error or a cyberattack at least once in the past 12 months.

Yet only just over half (54%) said they are confident they could recover their data and mitigate downtime in a future disaster. 

The fact that only just over half of respondents think their data is recoverable is a concern; this figure should be much nearer to 100%. Otherwise, how can your readiness for recoverability be reported confidently to the business and senior stakeholders? Confidence comes from identifying an organisation’s realistic needs, without compromising on cost or on making sure you have the right tools for the job.

Meeting the testing ‘gold standard’
Confidence also comes from thoroughly and repeatedly testing systems and disaster recovery (DR) processes. So, it was surprising to see that of the UK IT professionals interviewed, one in five say they test just once a year or less, while 60% of respondents check their data is fully recoverable and usable once every six months. Just 5% say they test monthly (below). 

We advocate for a ‘gold standard’ for DR testing – twice-yearly, non-invasive full failover tests supported by monthly system boot tests and data integrity checks. In addition to rigorous data validation, testing the ability of workloads (applications and data) to fail over needs to be designed into the recovery plan. This should also allow for network and connectivity testing, a critical and often overlooked component in the testing process.

The challenge is that many technologies deployed today to recover systems and data do not allow for non-disruptive testing. While testing can be carried out, these tests can never be thorough enough without significant disruption and, as a result, deliver a compromised test. 

Organisations need to put in place a well-structured recovery environment to optimise data recovery testing and ensure it can be conducted in the least disruptive way to the business. There are sophisticated solutions now that run testing without consuming vital resources or impacting the day-to-day production environment, which means business-as-usual.

Making data recovery part of business ‘fitness agenda’
When it comes to the core challenges in DR planning, our survey respondents were clear in what they are lacking from the business, with 39% pointing to a lack of skills or expertise in-house, 29% to a lack of investment or budget, and 28% to a lack of senior support. 

A lack of top-down support can foster a culture of complacency, even apathy. If those responsible for protecting and recovering the business in the event of a data issue or cybersecurity attack do not feel that it’s being taken seriously enough, then their approach and attitude may well reflect this.

Aligned to a thorough testing regime is the confidence to report that systems are recoverable, and the business is in a state of readiness to respond. A secondary benefit is that it fosters a culture of professionalism regarding an aspect of IT that often sits in the shadows until it is needed.

To some extent, I think what we’re seeing from this study is a ‘Titanic mindset’ to data recovery, which is potentially putting data - and businesses - at risk. Organisations, it seems, think they are unsinkable - until they’re not.

Stephen Young is Executive Director at Assurestor

Image:  SerrNovik
